Last Updated: May 11, 2017
· _jeffreyjackson

resign .ipa with new CFBundleIdentifier and certificate


  1. .ipa filename is app.ipa
  2. app is called MyApp
  3. new provisioning profile resides at: ~/Downloads/AdHoc.mobileprovision
  4. distribution certificate name is Company Certificate
  5. may not need resource-rules parameter
  6. provisioning profile is either for Adhoc, or Enterprise distribution
  7. The bundle identifier needs to change. (Otherwise, look at my other pro-tip here: https://coderwall.com/p/cea3fw).
  8. com.mycompany.newbundleidentifier is the new CFBundleIdentifier


unzip app.ipa

rm -rf Payload/MyApp.app/_CodeSignature/

/usr/libexec/PlistBuddy Payload/MyApp.app/Info.plist

While in PlistBuddy you will need to do the following commands:

Set :CFBundleIdentifier com.mycompany.newbundleidentifier

Now we are back in Terminal!

cp ~/Downloads/AdHoc.mobileprovision Payload/MyApp.app/embedded.mobileprovision 

codesign -f -s "iPhone Distribution: Company Certificate" --resource-rules Payload/MyApp.app/ResourceRules.plist  Payload/MyApp.app

zip -qr app-resigned.ipa Payload/
Say Thanks

6 Responses
Add your response

0 tlypqjdhvdbqz8dq3 suqx0j4arnb8dq be2qxj8fdxkexondimxh0wm9qkwqbh486ysw47s yjo

Still didn't work

over 1 year ago ·
0 izp7yyigbckbpcg3itypyj8ybkcnacp33lhryjtte9iqa6kt712 rg67mgbwt5tdg9ollshdfkv

Works great - Would like to add that you can also use this function for others Property preferences (https://developer.apple.com/library/ios/documentation/general/Reference/InfoPlistKeyReference/Articles/CoreFoundationKeys.html)

Thanks for the trick !

over 1 year ago ·

If you are not familiar with command line, you could also try AirSign.app (http://www.airsignapp.com).

You cn change your bundle ID, resign your .ipa and then send it for over-the-air installation.

over 1 year ago ·
0 eokdzfbec6ymdsx3em5szubkg8rh7so3e0knzsxjj5fjkodtx4nl9dkc2au92g0dwjqcbosng t5

I got an ipa and I re-signed it with EXPIRED provisioning profile (Enterprise) and with a valid certificate(.p12). using steps mentioned below :-

and Re-Sign it with steps provided by you

when I am extracting ipa (getting .App file) -> doing show package Contents (on .App) -> checking content of embedded.mobileprovision. it show same expired provisioning profile that i used to Re-sign the ipa.

Problem : I am successfully able to install it to ipad and able to run the app. Ideally App should not work with Expired provisioning profile.

Question : If we Re-signing the app through Command-line with Expired profile Will it work.?

over 1 year ago ·

Bruces-Mac:WeChat bruce$ codesign -f -s "iPhone Distribution: your compnay Co., Ltd" --resource-rules Payload/WeChat.app/ResourceRules.plist Payload/WeChat.app
Warning: --resource-rules has been deprecated in Mac OS X >= 10.10!
Payload/WeChat.app/ResourceRules.plist: cannot read resources

What should I do to solve this problem?

over 1 year ago ·

First, thanks for this post, it really helped me. But as some others i still run into the problem while signing an app. My iPhone did not installing the app and threw an errors concerning wrong signing. My goal was to sign an app that was originally not developed by myself.

Perform all the steps above, until the step where you actually have to sign the app (codesign -f -s "iPhone ...").

We need to create an entitlements.xml where the Bundle Identifier matches what you want to sign.

Retrieve entitlements from the app (In case there is no entitlements in the App, create an xCode Projekt and retrieve the entitlements from there.)

codesign -d --entitlements entitlements.xml Example.app/Example

This entitlements.xml has some strange characters at the beginning, looks like some integrity check (CRC?) just remove it. That the file actually starts with <xml

Now change the bundle identifier to the one of your App: com.example.AppName The important step here, leave the AppName as it is, or if it does not match the App name, rename it that it does. (See exammple below to get an idea what to do)

This step will replace the codesign step from above:

codesign --entitlements entitlements.xml -f -s "iPhone Distribution: Company Certificate" Payload/Example.app/

Now do the last step above and zip the app.

Example entitlements.xml

ABCDEFGHIJ = apple developer team identifier
com.example.AppName = bundle identifier com.example needs to match your developer identifier, AppName the identifier of the app

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
7 months ago ·