problem sending ipa to apple store ERROR ITMS-90035

ERROR ITMS-90035: "Invalid Signature. A sealed resource is missing or invalid. The file at path [Name Of Game.app/Name Of Game] is not properly signed. Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose “Clean All” in Xcode, delete the “build” directory in the Finder, and rebuild your release target. For more information, please consult https://developer.apple.com/library/ios/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html"

I removed all provisioning profiles and certificates and generated only distribution certificate, ale app store distribution provisioning profile. What else can I check? Can anyone help me?

In application name I have space character and polish specific alphabet character (ż), but for “app ids” Im using version it showed me somewhere - where that character is replaced with -.

I tried unziping ipa file and verifying code signature:

codesign -dv --verbose=4 Payload/Name\ Of\ Gąme.app Executable=/Users/pajter/Desktop/Payload/Name Of Gąme.app/Name Of Gąme Identifier=pl.domain.Name-Of-G--me Format=app bundle with Mach-O universal (armv7 arm64) CodeDirectory v=20200 size=175676 flags=0x0(none) hashes=5482+5 location=embedded OSPlatform=37 OSSDKVersion=721920 OSVersionMin=524288 Hash type=sha256 size=32 CandidateCDHash sha1=6339c36466394f8eba85cc6f1b3590f415e8c4de CandidateCDHash sha256=a93002397b4353b450d4e2019aef82bfa1f163d5 Hash choices=sha1,sha256 Page size=4096 CDHash=a93002397b4353b450d4e2019aef82bfa1f163d5 Signature size=4707 Authority=iPhone Distribution: Firstname Lastname () Authority=Apple Worldwide Developer Relations Certification Authority Authority=Apple Root CA Signed Time=29 Jul 2018 at 21:02:43 Info.plist entries=58 TeamIdentifier=L2547AAN3U Sealed Resources version=2 rules=13 files=1517 Internal requirements count=1 size=192

so, seems ok, right?

RB App Checker Lite shows me 2 errors: 

Requirements and resources didn’t pass static validation.

Error details: “-67054: a sealed resource is missing or invalid” {

Resources altered: 

Name%20Of%20G%CC%87me – file:///private/var/folders/dd/2h35m15d5t59ng57qf8__gq00000gn/T/net.brockerhoff.RB.RB-App-Checker-Lite/0EFC3647-4356-4E59-9615-5DA51FBE757D/CA6805FD-8D6A-4980-B293-CAE8A6137735/Payload/Name%20Of%20G%CC%87me.app/

}

The bundle’s code signature may be obsolete, or its contents may have been modified AFTER codesigning, either by a misplaced build step or deliberate hacking.

I’m not sure what I can get from this weird path or how to check it differently so I could get more details? 

And second error:

The profile specifies the application “corona pl domain name of game” (L2547AAN3U).

The profile specifies the team “Firstname Lastname” (L2547AAN3U).

➤ The profile does NOT match the application’s Team ID (L2547AAN3U)!

but everywhere I check I see the same ID. 

I’ve seen this happen if you manage to build your app to a folder inside your project folder or have some other signed resource in there. You should always output your build somewhere other than your project folder.

Rob

definitely not the case - I have sources in /mobile/game and build is generated into ~/Desktop 

I deleted all keys (to be sure I’m not using development/adhoc distribution) - still the same error.

I think I’ll try to build now without any plugins now… But I’m out of ideas. Maybe someone would want to take a look for some reasonable fee?

How can I check that? 

I think I only have graphics and .lua files, but to be sure: what do you mean by signed resource? 

A signed resource would be like a folder with a .app extension or a .ipa file.  You could bundle up your project in a .zip and share the .zip file with us and we can look through it to see what the issue is.

Rob

How can I sent you link privately? I don’t see option to PM here

Email support AT coronalabs.com

Rob

as @usmanmughal.uog mentioned here: https://forums.coronalabs.com/topic/73518-help-with-publishing-to-app-store/

pointing to https://forums.coronalabs.com/topic/72321-invalid-signature-on-itunesconnect/

and https://forums.developer.apple.com/thread/89187

problem was that I had APFS filesystem. Creating image disk with HFS filesystem, mounting it and moving there source files, as well as setting it as target for build - fixes the problem.

I tried unziping ipa file and verifying code signature:

codesign -dv --verbose=4 Payload/Name\ Of\ Gąme.app Executable=/Users/pajter/Desktop/Payload/Name Of Gąme.app/Name Of Gąme Identifier=pl.domain.Name-Of-G--me Format=app bundle with Mach-O universal (armv7 arm64) CodeDirectory v=20200 size=175676 flags=0x0(none) hashes=5482+5 location=embedded OSPlatform=37 OSSDKVersion=721920 OSVersionMin=524288 Hash type=sha256 size=32 CandidateCDHash sha1=6339c36466394f8eba85cc6f1b3590f415e8c4de CandidateCDHash sha256=a93002397b4353b450d4e2019aef82bfa1f163d5 Hash choices=sha1,sha256 Page size=4096 CDHash=a93002397b4353b450d4e2019aef82bfa1f163d5 Signature size=4707 Authority=iPhone Distribution: Firstname Lastname () Authority=Apple Worldwide Developer Relations Certification Authority Authority=Apple Root CA Signed Time=29 Jul 2018 at 21:02:43 Info.plist entries=58 TeamIdentifier=L2547AAN3U Sealed Resources version=2 rules=13 files=1517 Internal requirements count=1 size=192

so, seems ok, right?

RB App Checker Lite shows me 2 errors: 

Requirements and resources didn’t pass static validation.

Error details: “-67054: a sealed resource is missing or invalid” {

Resources altered: 

Name%20Of%20G%CC%87me – file:///private/var/folders/dd/2h35m15d5t59ng57qf8__gq00000gn/T/net.brockerhoff.RB.RB-App-Checker-Lite/0EFC3647-4356-4E59-9615-5DA51FBE757D/CA6805FD-8D6A-4980-B293-CAE8A6137735/Payload/Name%20Of%20G%CC%87me.app/

}

The bundle’s code signature may be obsolete, or its contents may have been modified AFTER codesigning, either by a misplaced build step or deliberate hacking.

I’m not sure what I can get from this weird path or how to check it differently so I could get more details? 

And second error:

The profile specifies the application “corona pl domain name of game” (L2547AAN3U).

The profile specifies the team “Firstname Lastname” (L2547AAN3U).

➤ The profile does NOT match the application’s Team ID (L2547AAN3U)!

but everywhere I check I see the same ID. 

I’ve seen this happen if you manage to build your app to a folder inside your project folder or have some other signed resource in there. You should always output your build somewhere other than your project folder.

Rob

definitely not the case - I have sources in /mobile/game and build is generated into ~/Desktop 

I deleted all keys (to be sure I’m not using development/adhoc distribution) - still the same error.

I think I’ll try to build now without any plugins now… But I’m out of ideas. Maybe someone would want to take a look for some reasonable fee?

How can I check that? 

I think I only have graphics and .lua files, but to be sure: what do you mean by signed resource? 

A signed resource would be like a folder with a .app extension or a .ipa file.  You could bundle up your project in a .zip and share the .zip file with us and we can look through it to see what the issue is.

Rob

How can I sent you link privately? I don’t see option to PM here

Email support AT coronalabs.com

Rob

as @usmanmughal.uog mentioned here: https://forums.coronalabs.com/topic/73518-help-with-publishing-to-app-store/

pointing to https://forums.coronalabs.com/topic/72321-invalid-signature-on-itunesconnect/

and https://forums.developer.apple.com/thread/89187

problem was that I had APFS filesystem. Creating image disk with HFS filesystem, mounting it and moving there source files, as well as setting it as target for build - fixes the problem.