How to tell what profile/signing certificate was used to sign .ipa? How to tell what profile/signing certificate was used to sign .ipa? ios ios

How to tell what profile/signing certificate was used to sign .ipa?


Provisioning Profiles have a UUID that can be seen using the Terminal command:

security cms -D -i (path_to_your_provisioning_profile)

See the UUID section of the command output like:

<key>UUID</key> <string>A008C022-7B82-4E40-8B37-172763E1E3CC</string>

Xcode inserts the provisioning profile used to sign the application within the .app bundle. To find it, rename your .ipa to .zip, uncompress it with Finder, find the .app file in /Payload. "Show Package Contents" on the .app file and find the provisioning profile with the name embedded.mobileprovision.

Dump its entitlements using the above command and compare that with the UUID found within your profiles in your Xcode Organizer > Devices tab > Provisioning Profile section under "Library". You can use "Show in Finder" on those to reveal their location on disk.


Late to the party....

But this tool saves me some time: nomad/shenzhen

$ ipa info /path/to/app.ipa+-----------------------------+----------------------------------------------------------+| ApplicationIdentifierPrefix | DJ73OPSO53                                               || CreationDate                | 2014-03-26T02:53:00+00:00                                || Entitlements                | application-identifier: DJ73OPSO53.com.nomad.shenzhen    ||                             | aps-environment: production                              ||                             | get-task-allow: false                                    ||                             | keychain-access-groups: ["DJ73OPSO53.*"]                 || CreationDate                | 2017-03-26T02:53:00+00:00                                || Name                        | Shenzhen                                                 || TeamIdentifier              | S6ZYP4L6TY                                               || TimeToLive                  | 172                                                      || UUID                        | P7602NR3-4D34-441N-B6C9-R79395PN1OO3                     || Version                     | 1                                                        |+-----------------------------+----------------------------------------------------------+

2020: Update from the maintainer

https://github.com/nomad/shenzhen/blob/master/README.md

Note: shenzhen uses the Xcode 6 build API, which has been deprecated for almost 3 years now. This causes problems if your app makes use of Swift 3, watchOS and other app targets.

A maintained alternative to build your iOS apps is gym which uses the latest Xcode API. To distribute builds, you can use fastlane. More information on how to get started is available on the iOS Beta deployment guide.


Based on Bobjt's answer, I used IPCU to get the details of the profile:

  1. Rename your .ipa to .zip
  2. Uncompress it with Finder
  3. Find the .app file in /Payload.
  4. "Show Package Contents" on the .app file and find the provisioning profile with the name embedded.mobileprovision.

  5. Drag the mobileprovisioning file into iPhone Configuration Utility

IPCU shows the Name/Expiration Date etc of the profile.