Part of being an iOS developer is going through the hell of signing builds. It's even more fun when you have to re-sign a build that isn't yours.
Here's a bit of a process for doing it, while avoiding XCode and the misery that it introduces.
Converting an xcarchive
If you're given an .xcarchive file, you should turn this in to a .ipa (skip ahead if you already have a .ipa).
To do this:
Right click on your .xcarchive file and select "Show package contents".
Go to Products/Applications and drag the app you find there in to iTunes.
Once the app imports in to iTunes, right click it and select "Show in Finder".
You now have your .ipa
Re-signing an .ipa
An .ipa is just a zip file. To modify it, you need to extract it, have your way with it, sign it again, and recompress it.
Unzip your app with:
Remove the old codesignature:
rm -r Payload/MyApp.app/_CodeSignature
If you want to (it's optional), change the bundle ID. It's in the file:
Copy in the new Provisioning profile:
cp NewProfile.mobileprovision Payload/MyApp.app/embedded.mobileprovision
Sign the package again (running
security find-identity will give you a list of identities, from which you can pick the one you want):
codesign -f -s "iPhone Distribution: A Developer (YLDDA23U7G)" Payload/MyApp.app
Zip the app up again:
zip -qr MyApp-re-signed.ipa Payload/
This ipa should be signed with your new profile.
Sometimes when uploading to the app store, iTunes connect will complain about having incorrect entitlements. To add/change the entitlements file for an ipa, run step 5 with the
codesign -f -s "iPhone Distribution: A Developer (YLDDA23U7G)" --entitlements entitlements.plist Payload/MyApp.app
An example entitlements file might look like:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
More information on entitlements files and a more thorough overview of the whole process can be found here: