How to re-sign the ipa file?
It's really easy to do from the command line. I had a gist of a script for doing this. It has now been incorporated into the ipa_sign script in https://github.com/RichardBronosky/ota-tools which I use daily. If you have any questions about using these tools, don't hesitate to ask.
The heart of it is this:
CODESIGN_ALLOCATE=`xcrun --find codesign_allocate`; export CODESIGN_ALLOCATEIPA="/path/to/file.ipa"PROVISION="/path/to/file.mobileprovision"CERTIFICATE="Name of certificate: To sign with" # must be in keychain# unzip the ipaunzip -q "$IPA"# remove the signaturerm -rf Payload/*.app/_CodeSignature# replace the provisioncp "$PROVISION" Payload/*.app/embedded.mobileprovision# sign with the new certificate (--resource-rules has been deprecated OS X Yosemite (10.10), it can safely be removed)/usr/bin/codesign -f -s "$CERTIFICATE" Payload/*.app# zip it back upzip -qr resigned.ipa PayloadYour new signed app is called resigned.ipa
Check iResign for an easy tool on how to do this!
[edit] after some fudling around, I found a solution to keychain-aware resigning. You can check it out at https://gist.github.com/Weptun/5406993
Kind of old question, but with the latest XCode, codesign is easy:
$ codesign -s my_certificate example.ipa $ codesign -vv example.ipaexample.ipa: valid on diskexample.ipa: satisfies its Designated Requirement