iOS Provisioning and Certificates - Will Revoke/Renew Affect App Store Apps

iOS Provisioning and Certificates - Will Revoke/Renew affect App Store Apps?

For App Store apps, you don't need to worry. The signing information on App Store binaries is only used for the initial validation to ensure it came from you. Once it has been uploaded, the binary will be transformed and re-signed with Apple's private key, encrypted with FairPlay, etc.

This means revoking your distribution certification will not affect live apps. You only need to worry if you have an enterprise account.

If I revoke an existing distribution certificate, will it mess up anything with existing apps?

There is no problem doing this unless you are on an enterprise account. Distribution certificates expire anyway, so eventually it will happen that you need a new one. Go ahead and delete away.

You can also find this question asked, answered, and asked again many times over on the Apple Dev forums (e.g. here's one), so google around there if you're still hesitant.

About Enterprise Developer accounts:
With thanks to Mike's comment

An App Store app gets re-signed with an Apple certificate when it goes on the store. Revoking the cert in the provisioning portal therefore won't affect it. Enterprise apps use the original certificate, which means revoking it will cause the app to stop functioning on all devices it is installed on. If you revoke an enterprise account's certificate, all apps installed on all employee devices will stop working.

Renew / Revoke ios distribution certificates - effect on ad-hoc users

The version on their devices will run until the installed profile expires. It should only affect applications that are not installed yet and will be installed by the old ipa. Only the new ipa with the new profile is able to be installed after rejection.

So far my experiences with it

Renew Push certificate and keep current App Store App working Xcode 8.3.3

You don't have to recompile the app or resubmit the app to the App Store. Just create a new APNS certificate and test it with your current app. Once everything is fine, revoke the old certificate.

If I revoke iOS Enterprise will the app still work?

Revoking the certificate will make any existing apps fail. I believe the certificates are checked when the device is rebooted.

You need to create another new certificate and update your users' devices with a newly built app.

However, even if you don't revoke the current certificate, any existing apps will still stop working when it expires in a few days.

https://developer.apple.com/library/ios/documentation/IDEs/Conceptual/AppDistributionGuide/DistributingEnterpriseProgramApps/DistributingEnterpriseProgramApps.html#//apple_ref/doc/uid/TP40012582-CH33-SW13

How to renew ios distribution certificate

The certificate expires automatically 365 days after it is created. You can see this when you create a new one. It's best to create a new one once it has expired.

To revoke, go to Production and click on the certificate; a dropdown option to revoke will appear. Apple Developer Center -> Certificates, Identifiers & Profiles -> Production -> Certificate (i.e. for revoke)

Revoke Distribution

Will revoking In-House Distribution certificate affect applications which are currently distributed?

Unfortunately, yes. For enterprise distributed apps, the devices will regularly check with Apple's servers whether the certificate which has been used to sign them is still valid. So revoking the certificate will make those installations fail. Maybe not until the next reboot, maybe not when there is no internet connection available, but sooner or later, the app will refuse to launch.

If availability of the app must not be interrupted, you need to take precautions - for example by preparing the new version and notifying all users ahead of time that at a certain date, the old version will stop working and the new one must be installed.

Update:
I kept investigating and it appears like you can have two distribution certificates at the same time now. This is meant to eliminate gaps in app availability by allowing you to phase from one cert to another, way before the first one expires.

If this is still true, you might be able to simply create another distribution certificate without revoking the existing one. You will need to create new provisioning profiles as well (or update the old ones to use the new cert), but that shouldn't invalidate those already deployed. You would then be able to distribute the new / updated app and the existing installations will remain unaffected.

It has been some time since I last worked with enterprise distribution and right now, I don't have access to an enterprise dev account, so I can't try. But I don't think there is any risk if you just go ahead and try it - I assume the portal will either let you create a second cert or it just won't...
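Before revoking, it helps to know which deployed provisioning profiles actually embed the certificate in question and whether they are in-house (enterprise) profiles. The following is an added example, not part of any of the answers above: it reads the plist embedded in a `.mobileprovision` blob and reports the impact according to the behaviour those answers describe. The function names and the sample data are hypothetical and constructed here; `DeveloperCertificates`, `ProvisionsAllDevices` and `ExpirationDate` are the profile's own plist keys, and the CMS signature around the plist is not verified.

```python
import hashlib
import plistlib
from datetime import datetime, timedelta

def load_profile(blob: bytes) -> dict:
    """Extract the plist embedded in a CMS-signed profile (signature is NOT verified)."""
    start = blob.find(b"<?xml")
    end = blob.find(b"</plist>", start)
    if start < 0 or end < 0:
        raise ValueError("no embedded plist found")
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def revocation_impact(blob: bytes, cert_sha1: str, now: datetime, warn_days: int = 30) -> dict:
    """Report whether this profile depends on the certificate about to be revoked."""
    p = load_profile(blob)
    # A certificate's SHA-1 fingerprint is the SHA-1 of its DER encoding.
    prints = [hashlib.sha1(der).hexdigest() for der in p.get("DeveloperCertificates", [])]
    wanted = cert_sha1.lower().replace(" ", "").replace(":", "")
    uses_cert = wanted in prints
    enterprise = bool(p.get("ProvisionsAllDevices", False))  # set on in-house profiles
    expires = p["ExpirationDate"]  # plistlib returns a naive UTC datetime
    return {
        "name": p.get("Name", "?"),
        "uses_cert": uses_cert,
        "enterprise": enterprise,
        # Per the answers above: enterprise installs stop working after revocation.
        "installs_break_on_revoke": uses_cert and enterprise,
        "days_left": (expires - now).days,
        "expiring_soon": expires - now <= timedelta(days=warn_days),
    }

# Constructed sample data: fake DER bytes and a fake CMS wrapper, not a real profile.
OLD_CERT = b"constructed-old-cert-der"
NEW_CERT = b"constructed-new-cert-der"

def make_sample(certs, all_devices, expires):
    body = plistlib.dumps({"Name": "Sample In-House", "ProvisionsAllDevices": all_devices,
                           "DeveloperCertificates": certs, "ExpirationDate": expires})
    return b"\x30\x82\x00\x00cms-header" + body + b"\x00cms-signature"

if __name__ == "__main__":
    old_fp = hashlib.sha1(OLD_CERT).hexdigest()
    sample = make_sample([OLD_CERT], True, datetime(2025, 1, 21))
    print(revocation_impact(sample, old_fp, now=datetime(2025, 1, 1)))
```

Run it over every profile that was shipped inside a distributed ipa; any profile reported with `installs_break_on_revoke` set needs a rebuilt app on users' devices before the old certificate is revoked.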


