Xcode - iTunes Connect submission fails - Invalid Signature - Your app has one or more issues

xdamon · June 9, 2015, 10:38pm

Hello,

We have been scrambling with this issue for a while now, and now that we have found the solution, we wanted to share it, as some of you will most probably encounter it next time you submit an app to the App Store (TestFlight or Final application).

In the end, the reason for receiving an unfriendly email after a successful submission in Xcode, is due to the fact that Apple recently changed their security policy, and that the .codea directory in the project now needs to be signed.

So, here is how you do it :

copy paste the following code in codesign-codea.sh (for example)
put the file in your project root directory
chmod +x codesign-codea.sh in a terminal to be able to execute it

#!/bin/sh

if [ -z "${CODE_SIGN_IDENTITY}" ] ; then
    echo "CODE_SIGN_IDENTITY is not set"

    if [ "${CONFIGURATION}" = "Release" ] ; then
        exit 1
    else
        # Code-signing not needed for non-release builds.
        exit 0
    fi
fi

ITEMS=""

if [ -d "${SRCROOT}" ] ; then
    DIRS=$(find "${SRCROOT}" -depth -type d -name "*.codea")
    RESULT=$?
    if [[ $RESULT != 0 ]] ; then
        exit 1
    fi
    ITEMS="${DIRS}"
fi

# Prefer the expanded name, if available.
CODE_SIGN_IDENTITY_FOR_ITEMS="${EXPANDED_CODE_SIGN_IDENTITY_NAME}"
if [ "${CODE_SIGN_IDENTITY_FOR_ITEMS}" = "" ] ; then
    # Fall back to old behavior.
    CODE_SIGN_IDENTITY_FOR_ITEMS="${CODE_SIGN_IDENTITY}"
fi

echo "Identity:"
echo "${CODE_SIGN_IDENTITY_FOR_ITEMS}"

# Change the Internal Field Separator (IFS) so that spaces in paths will not cause problems below.
SAVEIFS=$IFS
IFS=$(echo -en "\
\\b")

# Loop through all items.
for ITEM in $ITEMS;
do
    echo "Signing '${ITEM}'"
    codesign --force --verbose --sign "${CODE_SIGN_IDENTITY_FOR_ITEMS}" "${ITEM}"
    RESULT=$?
    if [[ $RESULT != 0 ]] ; then
        IFS=$SAVEIFS
        exit 1
    fi
done

# Restore $IFS.
IFS=$SAVEIFS

Then, in your project, go to the Build Phases tab and click on the + to add a phase
Select “New Run Script Phase”
In the space reserved for it, type
${SRCROOT}/codesign-codea.sh

Clean and Build your project, a new directory “_CodeSignature” should be created in the .codea directory, this will allow the application to be submitted successfully.

Hope this helps !

Maybe @Simeon can integrate this script in the export feature in a future version.

BTW, this script was inspired by and a combination of several scripts and ideas I found on stack overflow, I do not want to pretend I discovered America or India, I just want to post the solution I found to help

Cheers,
Xavier.

Crumble · June 10, 2015, 9:33am

I submitted an app about a week ago and it’s been in review for 48 hours now, wonder if this is the problem…

Did your app get approved after doing this?

sim · June 10, 2015, 3:33pm

Thank you for the detective work @xdamon, and thanks for sharing the script! We’ll have to integrate this to ensure the folder references are signed.

escape75 · June 10, 2015, 3:37pm

The issue only started happening few days ago. Testing script right now.

escape75 · June 10, 2015, 3:43pm

Unfortunately doesn’t work, it creates the _CodeSignature folder …

Dear developer,

We have discovered one or more issues with your recent delivery for “A-Maze”. To process your delivery, the following issues must be corrected:

Invalid Signature - Code object is not signed at all. Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose “Clean All” in Xcode, delete the “build” directory in the Finder, and rebuild your release target. For more information, please consult https://developer.apple.com/library/ios/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html

Once these issues have been corrected, you can then redeliver the corrected binary

escape75 · June 10, 2015, 4:12pm

Ok finally, had to clean the xcode build folder too

Crumble · June 10, 2015, 4:50pm

Are you sure this is the problem? Sounds more like a Certificate problem.

Crumble · June 10, 2015, 10:28pm

Well, my app got approved. I’m thinking the OP did something wrong in the Xcode side.

I really need to do an app submitting tutorial so people have a clear set of instructions to follow. I keep forgetting to take screenshots of the process.

escape75 · June 11, 2015, 2:10am

If you submitted a week ago it would be OK for sure,
if you submit now it will upload and fail, and say invalid upload …
They changed it right after WWDC I think.

Crumble · June 11, 2015, 5:17am

I’ll find out in a few days, have another app I’ll be submitting (hopefully) soon.

xdamon · June 12, 2015, 6:36am

@escape75 in the end, did the script work for you ?

epicurus101 · June 13, 2015, 5:57pm

@xdamon This doesn’t seem to be doing the trick for me. I think I’m following your instructions precisely and everything seems to go ok, but then it doesn’t create the new folder as per your post. Can I confirm, when you say the root folder of the Project, my Project folder has [ProjectName] and then within that there are four folders, including the .codea one. I’m assuming the new .sh file goes in there alongside the four, yes?

Then when I execute the line in the terminal that you specify, nothing obvious happens. Is that right?

Finally, when I build it, I’m looking for the new directory in the [ProjectName].codea folder, is that correct? Because it’s definitely not showing up.

Any help would be gratefully appreciated. I think I’ve cleaned Xcode - I couldn’t see any “Clean All” command from within Xcode, but some googling suggested I needed to delete the contents of the Derived Data folder. Am on the right track?

Sorry if that all sounds a bit pathetic. As a newcomer to both macs and Xcode this is quite difficult to get my head around.

epicurus101 · June 13, 2015, 7:19pm

Think I’ve solved my problem. The bit of script that you need to put in as the new Run Script needs to be in double quotes. App now submitted, thanks for posting this.

xdamon · June 13, 2015, 10:19pm

Cool !
Do you mean in the Build Phase ? Maybe it is that your path to get to the script includes spaces ? If that’s the case, it could explain, and thanks for posting it !

epicurus101 · June 14, 2015, 6:57am

At first I wasn’t having issues in the Build phase, it just wasn’t doing anything at all. Then I realised that I was copying that line into the /bin/sh box when I was adding run script, rather than underneath it. Once I did that, the build was failing, until I worked out the double quotes thing.

escape75 · June 14, 2015, 3:52pm

@xdamon Yes it worked, i think i had to put it in the root instead of pasting it right in xcode, although it was creating the folder either way …