If you’re in the iPhone Developer Program, you’ll be able to run you code in a phisical device, with the following process:
- –
- Create a Certificate Signing Request (CSR) and submit to the developer portal
- Download and install the code singing certificate (Development/Distribution certificate) to your Keychain
- Download and install the WWDR certificate
- Create/Download a Provisioning profile listing the devices you intend to run the program on
- Install the provisioning profile to your development machine by dropping it into iTunes
- Set the Certificate/Provision profile in your XCode project
Throubleshooting/things to verify:
First re-read iPhone Developer Portal Program Guide PDF to make sure you’ve followed every step correctly.
The two basic types of issues you can have:
- The app is not signed
- The app is signed, but you cannot run/load it into the device
Verifying if your app is signed
You can check if you app is signed by verifying the followin 2 things:
- There was a CodeSign step during the build
- The built package contains a
CodeResourceandembedded.mobileprovision
If it’s not signed double check the followings:
- XCode project is set up correctly
Code Sigining Identityis:iPhone Development: yournameoriPhone Distribution: yournameand the Code signing provisioning profile is set to a porfile you’ve downloaded. It shouldn’t beDefault provisioning profile for code signing identity - If you set these things at project level make sure they aren’t overriden in target level
- Voodoo: Quit XCode, clean, rebuild
If you can’t even select the provisioning profile in XCode check the followings:
- Is the active target in XCode the same as the settings you’re editing? Here is the thing: it seems that the provision profile popup contains profiles matching the active target’s certificate (and no the one you’re editing). So make sure that you select the current configuration in Project/Set Active Build Configuration
- Do you have the WWDR certificate installed? Check
Apple Wordwide Developer Relations Certificationin Keychain - Do you have my Distribution Certificate in keychain? Check for
'iPhone Developer: name'and/or'iPhone Distribution: name'in Keychain. There should be a gray trinangle to the left of if, and on open it should show your private key. - Do you have the provisioning profile installed in
~/Library/MobileDevice/Provisioning Profiles/. Drag and drop the profile to iTunes to fix this.
The app is signed, but you cannot run/load it into the device
First get iPhone Configuration Utility, it’s a great app to get more information, you can check your console log, install single application and check installed provisioning profiles.
- Do you have the provisioning profile installed to your iPhone? Use
iPhone Configuration Utilityto verify
There can be also issues with App-ID that will prevent from application to run.
- In my experiecnce you should just use
*as app id. - If you have a
entitlement 'application-identifier' has value not permitted by provisioning profilein your iPhone console log, then try using a wildcard (*) App ID
Ad Hoc profiles:
I just couldn’t get Ad Hoc profiles to work. I always have this error in my iPhone console log:
entitlement 'get-task-allow' has value not permitted by provisioning profile
I’ve tried following every step of the iPhone Developer Portal Program Guide PDF, and i still get this.
In iTunes i either get a 0xE8000001 or 0xE8000013 when trying to install an application with an AdHoc provisioning profile.
Update: Apple has just updated the instructions in iPhone Developer Portal Program Guide PDF. They now tell to add ‘Entitlements.plist’ with ‘get-task-allow’ set to false to the Entitlements.
You should also verify your provision profile with a text editor. The plist embedded should contain these lines:
<key>Entitlements</key>
<false>
You should also remove old provision profiles without the iPhone (Use iPhone Configuration Utility). As having a bad provisioning profile will prevent your app from installing.
Miklós Fazekas's blog 
I am having the exact same problem, with the same message on Ad Hoc distribution attempts… it’s driving me nuts, and I the documentation is very poor! If you figure out a solution, I’d very much appreciate it if you’d share!
Same problem with ad hoc here, although I thought I had ad hoc working once the first time I tried it.
Apple posted extendend instructions for Ad-Hoc profiles. (See the .pdf)
They now suggest creating an Entitlement.plist with ‘get-task-allow’ set to false.
Hi Miklos
I am having problems trying to understand how to submit a CSR. It seems very obvious because nobody mention how to do it. What is the exact link or the exact email address? If is an email, do I have to put a subject on it?
Regards
Mc Keena
Mc Keena,
Please read the PDF(iPhone Developer Program User Guide) at the portal. It describes (with pictures) the process of sumbitting the CSR.
It’s not via email, you have to upload to the portal.
Miklos
I have the problem where my code signing provisioning profile is not in the list when I select the pull down.
You state
“If you can’t even select the provisioning profile in XCode check the followings:
Do you have the WWDR certificate installed? Check Apple Wordwide Developer Relations Certification in Keychain
Do you have my Distribution Certificate in keychain? Check for ‘iPhone Developer: name’ and/or ‘iPhone Distribution: name’ in Keychain. There should be a gray trinangle to the left of if, and on open it should show your private key.
Do you have the provisioning profile installed in ~/Library/MobileDevice/Provisioning Profiles/. Drag and drop the profile to iTunes to fix this.”
There is no grey triangle left of my iPhone Distribution: MyName entry in the KeyChain app. Could this be the reason I can not create apps that have the appropriate files in them to be able to be installed adhoc?
The triangle does appear beside my iPhone Developer: MyName entry.
Any ideas?
Lee
Lee,
If you don’t have the triangle next to “iPhone Distribution: MyName”, it means your private key used to create the the certificate request is missing from keychain.
The best solution is to recreate the distribution certificate request.
I re-did my Key and my distribution certificate. The key now shows the grey triangle. The compiled application now includes a _CodeSignature directory with the CodeResources file inside of it.
There is also an embedded.mobileprovision file.
It still throws the same error.
Ideas?
Lee
Lee,
What is the error you’re having? Note that you cannot run the code signed with Distribution profile on your device, except AdHoc, or when apple approved your project.
OK. My machine crashed and I have had to start all over again on a new machine.
Each time I request a certificate I do not get a grey triangle nor an associated key.
I have generated the key with the exact common name I used when I joined up.
I copy the entire contents including the begining and ending indicators.
I double click the cer to install.
No associated key shows up with the cert.
Lee
If I check the keys grouping in keyChain there is no key.
I have been doing these steps over and over. Sometimes it works and there is an associated key. Other times it does not. It seems like it may have something to do with the name of the cer file. I got rid of all of the old ones so that it would not have a name like
CertificateSigningRequest-1.certSigningRequest
This time there was an associated key.
I successfully enrolled as an “individual” and am trying to verify if I can add a device ( my iphone ) which I have already done, then in one weeks time, remove the app id from my individual dev portal and add the same device ( my iPhone) to my new company dev license. I assume this will work but just want to ensure I can migrate without harming my device or getting my license / certificate revoked because my iPhone is used on two different dev accounts.
Anybody know ?
I’m having a unclickable distribution profile, it’s greyed, and i have no clue why.
~/Library/MobileDevice/Provisioning Profiles/ doesn’t exist on my system but i still see the distribution profile greyed out. I can’t find where they’re store.
Jake,
You can have your iPhone id added to multiple company provision profile.
Patricia,
The distribution profile is gray in where? In XCode? You can also use the iPhone Configuration Utility to manage provisioning profiles.
FINALLY!!!
DipDog3 at the following page:
http://forums.macrumors.com/archive/index.php/t-518011.html
SOLVED my problem with Ad Hoc Distribution…
First, look at your ad-hoc provisioning file in text edit (just view it, don’t overwrite it!)
If it does NOT contain a line that says “get-task-allow” then you need to go to the program portal and get a NEW ad-hoc provisioning profile.
There is a workaround where you can use the provisioning profile without this key, but Apple apparently has added this key to the ad-hoc provisions, and you might as well have the latest.
However, that is not the final fix.
The next thing you have to do is add a new file to the root of your project … file, new file, iphone, code signing, entitlements. Call it “dist.plist” …
Open that file, and it will say “get-task-allow” with a checkmark for “true” — this needs to be FALSE. Uncheck the checkbox, or if in text mode, type in “false”
OK, almost there!!!
Open the target build info window and where it says “Code Signing Entitlements” add “dist.plist”
CLEAN THE BUILD
BUILD AND GO
ENJOY.
I’m stymied because the Info/Build panel shows my “iPhone Developer:David….” but there is no development provisioning profile beneath it. However, the Organize window shows a “.mobileprovision” file. I have followed the Developer Program User Guide faithfully, and my Keychain entries seem to be in order. What could be wrong?
I’m having trouble with ad-hoc, even after doing the entitlements.plist song and dance. My original provisioning profile that I download from the portal contains the value true for the key get-task allow (bad), so I assume that creating the entitlements.plist file is supposed to overwrite this when the profile gets transferred to the device or something. Sadly, when I try to transfer my app to the device, I still receive the error “entitlement ‘get-task-allow’ has value not permitted by provisioning profile”. I then opened the app bundle to view the embedded.movileprovision file. It still has true for get-task-allow! Why is this not working?
Hi,
I can’t select my distribution provisioning.
In KeyChain I can see:
. iPhone Developer: my name and it’s private key
. iPhone Distribution: my and and it’s private key
(I used the same key to generate both the developer & distribution certificate. Can this be the cause of my problem ?)
I’ve installed Apple WorldWide Developer Relations Certification
The provisioning file is in ~/Library/MobileDevices/Profisioning Profiles/
But I can’t enable my distribution provisioning from xcode… it is disabled.
Any ideas ?
Thanks!
Hi riq!
If you can’t select the profile in XCode you have probably different Target selected in XCode. Make sure when you set the active configuration in the project to the same as you’re editing!
Regards,
Miklos
Apple deserves the Ig Nobel Prize for Complexity on this distribution process… I’ve spent the day generating certificates, downloading, building… no success with Ad Hoc distribution yet.
Hmmm… it worked. There is a bug in the step-by-step procedure. You should do a complete Distribution build BEFORE editing the Info, otherwise you may not be able to select the correct provisioning profile. When you build, XCode will ask your permission to use your distribution key and if you edit the Info AFTER this, you should find the option to select your provisioning profile.
Hi Helder da Rocha,
I tried what you suggested (doing a BUILD before editing), but even that doesn’t work.
Any other ideas?
Or do I have to completely un-edit and then BUILD?
If you only see de default provisioning profile, the solution is select the device on Menu Project -> Set Active SDK
I started from scratch. Moved the code to a new project, did a normal build on the simulator. Then clean all, erase the build directory. After that I spent some 2 hours following the instructions paying attention to every detail. For example: 1) pay attention to the EXACT string of your developer or team identification (my first error was not noticing that the application identified me as Helder Da Rocha, and not Helder da Rocha – notice the uppercase D); 2) note the space after the “:” and the string iPhone Developer or iPhone Distribution before it. Even following all details, it still didn’t work, so then I did that distribution build, and checked to see if the provisioning profile was generated in the build logs (see end of the PDF for that). It was not, so I did what it told me: clean all again, erase build directory contents, restart XCode. This time it worked.
To make a self-installing via iTunes app (this is not in the documentation):
1. create a directory called Payload
2. Put your .app inside it.
3. Rename your 512×152 application icon to iTunesArtwork (no extension).
4. Compress the Payload directory and the iTunesArtwork file.
5. Rename the zip file to .ipa.
Now if you double click it should automatically install in iTunes (it will only work in your iPod if you previously installed a valid .mobileprovision for the application in iTunes). You can then distribute your Ad Hoc apps to your beta-testers sending them the .mobileprovision configured for their device IDs + the .ipa file.
I feel like such a fool!
I was also not able to get the Ad-hoc provision profile to show up in the Xcode build panel. Then I finally realized that I had for the Code Signing Identity “iPhone Developer: mycompanyname” instead of “iPhone Distribution: my companyname” Doh! I changed that along with changing the target build… and now I building!
Whew! This is tougher than any adventure game I know!
Thanks!
Yeah, what an ordeal! I had problems when I filled in both the “Code Signing Identity” and the “Any iPhone OS Device” fields. It then could not find my Code Signing Provisioning Profile. I erased everything, filled in only the “Any iPhone OS Device” field, and then was able to select my Provisioning profile from menu. Then, everything seemed to build okay, but I am waiting to hear whether it will actually run on “Ad Hoc” device.
One thing that seems odd is my Code Signing Identity that works is “iPhone Distribution: myname” instead of “iPhone Distribution: mycompanyname,” whereas the private key is identified with “mycompanyname”. I thought I followed the directions. Not sure if it matters.
Tim,
Mycompanyname vs. myname. I think that it’s depends on the ADC account you’ve registered the iPhone Developer Program. So it doesn’t really matter how you name your private key, apple will rename to your Dev Program name.
Ok -here’s my problem – I’ve read all the above.
I can see my “iPhone Profile” in the iPhone/Settings/General
I can see both Developer and Distribution Certificates in KeyChain with grey triangles against both.
I can only run on the device if I have Default Provisioning Profile for Code Signing Identity selected. If I select “iPhone Profile” from the list (it is there) then it will immediately error on build with “No Provisioning Profile found with UUID : XXXX” where XXXX is both very long and NOT my Device’s ID.
My AppID (viewable on the Portal) is just STRING.* although my BundleIndentifier is set to com.yourcompany.${PRODUCT_NAME:identifier}. It doesn’t seem to matter what I change the text to before the $ – it can be anything and it’ll still work on the device as long as I have Default Provisioning Profile for Code Signing Identity set.
As to code signing identity, it is indeed set to iPhone Developer: My Name.
I’ve not got to distribution yet – I’m just curious as to why I can’t use my “iPhone Profile” and must use the Default one, and why it doesn’t seem to matter at all what the BundleIdentifier is set to.
Any thoughts…?
Ok – update for those interested.,, I followed this document closely and for the first time properly appreciated the different settings between the Project and the Target.
Click to access distributing_multiple_apps_readme.pdf
I can now use my named iPhone Profile and all is well. Flushed with success I tried for a ad-hoc Distribution build and again followed what was in that document. Added all required device UUIDs to the Dist Prov Profile, dragged it to XCode and verified it was in the right folder afterwards. It build ok and searches in the Build Log found “embedded” and “CodeSign” as this doc describes. All looking good. Except…it won’t install via iTunes as the App cannot be verified. My BundleIdentifier is still of the form com.yourcompany.$ etc and I’m beginning to suspect my wildcard AppID is at fault. A friend who had the same problem has just reported success by creating a new non-wildcard AppID and editing both his profiles to update for this and has successfully built a new Dist Build that we’ve both installed via iTunes.
Wow this is awkward, I must say… Off to try some more.
[…] on this page too: Distribution Provisioning Profile not showing up | V2EX and this page too: Debugging iPhone provision profiles/certificates « Miklós Fazekas’s blog Still no go. My only opinion is still "Default Provisioning Profile for Code Signing […]
goose thanks a bunch man! Finally got adhoc working with your explanation.