iOS standalone - what to do about code signing failures?

classic Classic list List threaded Threaded
38 messages Options
12
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

Graham Samuel-4
OK - I see what you mean. When I expand the 'Distribution Provisioning Profile' I do see my own one, in my case with four devices named (that's all the devices I'm using for development and beta testing at the moment). Sorry if I confused anyone.

Graham

On 7 Jan 2013, at 20:32, Roger Guay wrote:

> I was looking at the Provisioning section of the Portal . . . not Certificates. Go Provisioning -> Distribution and then click on each of the Provisioning Profiles to expand and see the devices.
>
> Roger
>
>
> On Jan 7, 2013, at 11:09 AM, Graham Samuel <[hidden email]> wrote:
>
>> FWIW I don't have a listing of Devices on the description of my Current Distribution Certificate in the Portal - this is odd, since we should be seeing the same display, shouldn't we?
>>
>> My display consists of one line which gives my name (I guess it's my team name really), the Expiration Date, the name which I chose for it, its Status (which is 'issued'), a button saying 'download', and another button (looks like a label) saying 'Revoke'. This is in the 'Distribution' tab of the Certificates section of my iOS Provisioning Portal.
>>
>> What exactly are you seeing?
>>
>> Graham
>>
>> On 7 Jan 2013, at 17:06, Roger Guay wrote:
>>
>>> Hi David,
>>>
>>> Bless you and Jacque!! I think you have found my problem. Now how to fix?
>>>
>>> If I go to the Provisioning section of the Portal and select Distribution, I have 2 profiles, each of which has Devices (0). But in the attempt to edit these, the Devices section is grayed out. Same thing if I create a New Profile . . . the devices section is grayed out.
>>>
>>> Or, is it normal to have no devices for a Distribution Profile? (my Development Profiles all have my iPad listed)
>>>
>>> Thanks,
>>> Roger
>>>
>>>
>>>
>>>
>>>
>
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

Dave Kilroy
In reply to this post by Graham Samuel-4
Can anyone on this list think of why Xcode might think there is an extra development certificate on my machine even though there isn't one?

I've made sure I don't have any such extra certificate in KeyChain (including public and private keys) and in XCode's preferences folder in the Library - can anyone on this list where else such a certificate might be hiding on my macbook pro?

Can anyone on this list think of a way of stopping the Provisioning Portal from continuing to show this extra development certificate each time I hit 'refresh' in Xcode?

I've tried building a 'Hello World' app directly in XCode and that also won't sign code - so this is not just a LiveCode issue.

Back in late November after a couple of days figuring out what the problem was, I encountered Apple's Technical Note tn2250 which appeared to indicate that what I was experiencing could only be fixed by Apple and that I could contact their WorldWide Developer Center. Since then I've heard a lot of hot air from their (very polite) operatives but no fix.

I'm running Lion on a macbook pro with Xcode 4.5.2 and Livecode 5.5.3 - and if anyone could shed some light on how I can move forward that would be really, really, REALLY appreciated!

Kind regards - Dave
"The first 90% of the task takes 90% of the time, and the last 10% takes the other 90% of the time."
Peter M. Brigham
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

RogGuay
In reply to this post by J. Landman Gay
Thanks the clarification, Jacque.

So, yesterday, you asked "Did you assign your Mac to the provisioning profiles in the portal?" Did Graham get your meaning correctly, or are we still missing something? Do we need to somehow assign our Macs to the provisioning  profile? If so, how?

Roger

On Jan 7, 2013, at 2:16 PM, "J. Landman Gay" <[hidden email]> wrote:

> On 1/7/13 10:06 AM, Roger Guay wrote:
>
>> Or, is it normal to have no devices for a Distribution Profile? (my
>> Development Profiles all have my iPad listed)
>
> Right, development profiles require an association with devices, and those are the only ones allowed to run the app. Development profiles are for testing. Distribution profiles are for uploading to the App Store and don't require devices, since anyone can purchase and run the app. Apple takes care of distribution.
>
> --
> Jacqueline Landman Gay         |     [hidden email]
> HyperActive Software           |     http://www.hyperactivesw.com
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

ScottR
In reply to this post by Graham Samuel-4
FWIW, one tool that *might* help with app signing (haven't read all the
details of your situation) is AppResigner:
http://www.gorbster.net/blog/archives/273


In my situation with recent OS and LiveCode updates, I haven't been able
copy over development versions of apps onto devices without getting a code
signing error.  Using the tool is an extra step but allows me to get the
builds transferred properly (not needed for app store distributions).
Instructions are on the page.

Thanks to Ken Ray for the recommendation.

Regards,

Scott Rossi
Creative Director
Tactile Media, UX Design




On 1/7/13 2:44 PM, "Graham Samuel" <[hidden email]> wrote:

>Don't worry, I wasn't really offended! There's always something new to
>learn. It's a pity that Apple makes it tougher than it needs to be, but
>with the generous help of this list things are (very) gradually becoming
>clearer.
>
>Graham
>
>On 7 Jan 2013, at 19:34, Robert Sneidar wrote:
>
>> Sorry, I didn't mean to marginalize what you do. I really meant that
>>these days security has become an essential part of software
>>development, especially for mobile platforms. The answer for this is
>>security certificates.
>>
>> Bob
>>
>>
>> On Jan 7, 2013, at 2:32 AM, Graham Samuel wrote:
>>
>>> 2. When you say "now that you are a developer", I bridled a bit, since
>>>I've been a developer for years.
>>
>
>
>_______________________________________________
>use-livecode mailing list
>[hidden email]
>Please visit this url to subscribe, unsubscribe and manage your
>subscription preferences:
>http://lists.runrev.com/mailman/listinfo/use-livecode
>



_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

RogGuay
In reply to this post by Graham Samuel-4
But Graham, you see devices only for Development Profiles, not Distribution, right? I just want to be sure…

Roger


On Jan 7, 2013, at 3:49 PM, Graham Samuel <[hidden email]> wrote:

> OK - I see what you mean. When I expand the 'Distribution Provisioning Profile' I do see my own one, in my case with four devices named (that's all the devices I'm using for development and beta testing at the moment). Sorry if I confused anyone.
>
> Graham
>
> On 7 Jan 2013, at 20:32, Roger Guay wrote:
>
>> I was looking at the Provisioning section of the Portal . . . not Certificates. Go Provisioning -> Distribution and then click on each of the Provisioning Profiles to expand and see the devices.
>>
>> Roger
>>
>>
>> On Jan 7, 2013, at 11:09 AM, Graham Samuel <[hidden email]> wrote:
>>
>>> FWIW I don't have a listing of Devices on the description of my Current Distribution Certificate in the Portal - this is odd, since we should be seeing the same display, shouldn't we?
>>>
>>> My display consists of one line which gives my name (I guess it's my team name really), the Expiration Date, the name which I chose for it, its Status (which is 'issued'), a button saying 'download', and another button (looks like a label) saying 'Revoke'. This is in the 'Distribution' tab of the Certificates section of my iOS Provisioning Portal.
>>>
>>> What exactly are you seeing?
>>>
>>> Graham
>>>
>>> On 7 Jan 2013, at 17:06, Roger Guay wrote:
>>>
>>>> Hi David,
>>>>
>>>> Bless you and Jacque!! I think you have found my problem. Now how to fix?
>>>>
>>>> If I go to the Provisioning section of the Portal and select Distribution, I have 2 profiles, each of which has Devices (0). But in the attempt to edit these, the Devices section is grayed out. Same thing if I create a New Profile . . . the devices section is grayed out.
>>>>
>>>> Or, is it normal to have no devices for a Distribution Profile? (my Development Profiles all have my iPad listed)
>>>>
>>>> Thanks,
>>>> Roger
>>>>
>>>>
>>>>
>>>>
>>>>
>>
>>
>> _______________________________________________
>> use-livecode mailing list
>> [hidden email]
>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

Colin Holgate-2
You'll see your devices listed under the distribution profile too. If you're making a profile for ad hoc then the devices can be selected. If you're making it for App Store, then the devices can't be selected.

What will never work is to use a development provisioning profile along with a distribution certificate, or vice versa.


On Jan 7, 2013, at 8:37 PM, Roger Guay <[hidden email]> wrote:

> >But Graham, you see devices only for Development Profiles, not Distribution, right? I just want to be sure…

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

Graham Samuel-4
In reply to this post by RogGuay
No: in the iOS Provisioning Portal, if I select 'Provisioning' on the left hand sidebar and then click the 'Distribution' tab, I see my (only) Distribution Provisioning Profile, which an Ad Hoc one. If I double-click on its name, I see various details (App ID, Certificates, Devices) - and all my devices are listed there. Jacque has pointed out that there is a difference between Ad Hoc distribution (which applies only to listed devices) and App Store distribution (which applies to any device that gets your app from the App Store). I think there may be a further type for Enterprises but I haven't tried to find out about that.

HTH

Graham

On 8 Jan 2013, at 02:37, Roger Guay wrote:

> But Graham, you see devices only for Development Profiles, not Distribution, right? I just want to be sure…
>
> Roger
>
>
> On Jan 7, 2013, at 3:49 PM, Graham Samuel <[hidden email]> wrote:
>
>> OK - I see what you mean. When I expand the 'Distribution Provisioning Profile' I do see my own one, in my case with four devices named (that's all the devices I'm using for development and beta testing at the moment). Sorry if I confused anyone.
>>
>> Graham
>>
>> On 7 Jan 2013, at 20:32, Roger Guay wrote:
>>
>>> I was looking at the Provisioning section of the Portal . . . not Certificates. Go Provisioning -> Distribution and then click on each of the Provisioning Profiles to expand and see the devices.
>>>
>>> Roger
>>>
>>>
>>> On Jan 7, 2013, at 11:09 AM, Graham Samuel <[hidden email]> wrote:
>>>
>>>> FWIW I don't have a listing of Devices on the description of my Current Distribution Certificate in the Portal - this is odd, since we should be seeing the same display, shouldn't we?
>>>>
>>>> My display consists of one line which gives my name (I guess it's my team name really), the Expiration Date, the name which I chose for it, its Status (which is 'issued'), a button saying 'download', and another button (looks like a label) saying 'Revoke'. This is in the 'Distribution' tab of the Certificates section of my iOS Provisioning Portal.
>>>>
>>>> What exactly are you seeing?
>>>>
>>>> Graham
>>>>
>>>> On 7 Jan 2013, at 17:06, Roger Guay wrote:
>>>>
>>>>> Hi David,
>>>>>
>>>>> Bless you and Jacque!! I think you have found my problem. Now how to fix?
>>>>>
>>>>> If I go to the Provisioning section of the Portal and select Distribution, I have 2 profiles, each of which has Devices (0). But in the attempt to edit these, the Devices section is grayed out. Same thing if I create a New Profile . . . the devices section is grayed out.
>>>>>
>>>>> Or, is it normal to have no devices for a Distribution Profile? (my Development Profiles all have my iPad listed)
>>>>>
>>>>> Thanks,
>>>>> Roger
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>
>>>
>>> _______________________________________________
>>> use-livecode mailing list
>>> [hidden email]
>>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>
>>
>> _______________________________________________
>> use-livecode mailing list
>> [hidden email]
>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

RogGuay
Yes, thanks to you and Colin, I'm clear on that now!

Roger


On Jan 8, 2013, at 8:04 AM, Graham Samuel <[hidden email]> wrote:

> No: in the iOS Provisioning Portal, if I select 'Provisioning' on the left hand sidebar and then click the 'Distribution' tab, I see my (only) Distribution Provisioning Profile, which an Ad Hoc one. If I double-click on its name, I see various details (App ID, Certificates, Devices) - and all my devices are listed there. Jacque has pointed out that there is a difference between Ad Hoc distribution (which applies only to listed devices) and App Store distribution (which applies to any device that gets your app from the App Store). I think there may be a further type for Enterprises but I haven't tried to find out about that.
>
> HTH
>
> Graham
>
> On 8 Jan 2013, at 02:37, Roger Guay wrote:
>
>> But Graham, you see devices only for Development Profiles, not Distribution, right? I just want to be sure…
>>
>> Roger
>>
>>
>> On Jan 7, 2013, at 3:49 PM, Graham Samuel <[hidden email]> wrote:
>>
>>> OK - I see what you mean. When I expand the 'Distribution Provisioning Profile' I do see my own one, in my case with four devices named (that's all the devices I'm using for development and beta testing at the moment). Sorry if I confused anyone.
>>>
>>> Graham
>>>
>>> On 7 Jan 2013, at 20:32, Roger Guay wrote:
>>>
>>>> I was looking at the Provisioning section of the Portal . . . not Certificates. Go Provisioning -> Distribution and then click on each of the Provisioning Profiles to expand and see the devices.
>>>>
>>>> Roger
>>>>
>>>>
>>>> On Jan 7, 2013, at 11:09 AM, Graham Samuel <[hidden email]> wrote:
>>>>
>>>>> FWIW I don't have a listing of Devices on the description of my Current Distribution Certificate in the Portal - this is odd, since we should be seeing the same display, shouldn't we?
>>>>>
>>>>> My display consists of one line which gives my name (I guess it's my team name really), the Expiration Date, the name which I chose for it, its Status (which is 'issued'), a button saying 'download', and another button (looks like a label) saying 'Revoke'. This is in the 'Distribution' tab of the Certificates section of my iOS Provisioning Portal.
>>>>>
>>>>> What exactly are you seeing?
>>>>>
>>>>> Graham
>>>>>
>>>>> On 7 Jan 2013, at 17:06, Roger Guay wrote:
>>>>>
>>>>>> Hi David,
>>>>>>
>>>>>> Bless you and Jacque!! I think you have found my problem. Now how to fix?
>>>>>>
>>>>>> If I go to the Provisioning section of the Portal and select Distribution, I have 2 profiles, each of which has Devices (0). But in the attempt to edit these, the Devices section is grayed out. Same thing if I create a New Profile . . . the devices section is grayed out.
>>>>>>
>>>>>> Or, is it normal to have no devices for a Distribution Profile? (my Development Profiles all have my iPad listed)
>>>>>>
>>>>>> Thanks,
>>>>>> Roger
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> use-livecode mailing list
>>>> [hidden email]
>>>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
>>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>>
>>>
>>> _______________________________________________
>>> use-livecode mailing list
>>> [hidden email]
>>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>
>>
>> _______________________________________________
>> use-livecode mailing list
>> [hidden email]
>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

RogGuay
In reply to this post by Colin Holgate-2
Hi Colin,

I think this is hinting at my problem and its solution. Where does one get to select the certificates for their provisioning profiles? Mine seem to come up or appear automatically when I create a provisioning profile.

In my case, where I'm working on a SETI Team, where do certificates comes from and how can I be sure I even have the right one(s)?

Thanks,
Roger


On Jan 7, 2013, at 6:45 PM, Colin Holgate <[hidden email]> wrote:

>
> What will never work is to use a development provisioning profile along with a distribution certificate, or vice versa.
>

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

Colin Holgate-2
When you make a developer provisioning profile you are asked for the certificate to use. If you're making a distribution profile it should pick up on your current distribution certificate, but if you have changed that recently the provisioning profile won't be connected to the right certificate.

Something else to know, you can use wildcards in your app IDs, but LiveCode wants a full app ID. For example, you could make an app ID in the portal that is like this:

8263482.*

(the numbers are random, it would be whatever the system gave you). With that app ID you could create either of these apps:

rogerapp

com.rogerguay.rogerapp

Both ought to work, but LiveCode seems to like the fuller variation. An app ID of:

8263482.com.rogerguay.*

can work alongside these actual app IDs:

com.rogerguay.rogerfirstapp
com.rogerguay.rogerevenbettersecondapp

Now, that's all good for development purposes, but for distribution you want a full app ID that matches the actual product app ID, and is unique.

So, the right way to have a fresh start would be to make a new app ID that was the full ID:

com.rogerguay.rogerrealapp

make a new distribution ad hoc provisioning profile, that has all of your devices selected, used your current distribution certificate, and was based on that full app ID.

Once you have tested that build on your devices, and it's perfect, make another provisioning profile as App Store, and do one more build with the App Store profile selected. It's still based on the same app ID, and the distribution certificate, but it's anonymous as far as devices go. There is even a chance that you won't be able to test it.



_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

RogGuay
Thanks for this in-depth response,Colin. I need to digest this and see if it solves my codesign verification failure problem.

Thanks again,
Roger

On Jan 8, 2013, at 9:44 AM, Colin Holgate <[hidden email]> wrote:

> When you make a developer provisioning profile you are asked for the certificate to use. If you're making a distribution profile it should pick up on your current distribution certificate, but if you have changed that recently the provisioning profile won't be connected to the right certificate.
>
> Something else to know, you can use wildcards in your app IDs, but LiveCode wants a full app ID. For example, you could make an app ID in the portal that is like this:
>
> 8263482.*
>
> (the numbers are random, it would be whatever the system gave you). With that app ID you could create either of these apps:
>
> rogerapp
>
> com.rogerguay.rogerapp
>
> Both ought to work, but LiveCode seems to like the fuller variation. An app ID of:
>
> 8263482.com.rogerguay.*
>
> can work alongside these actual app IDs:
>
> com.rogerguay.rogerfirstapp
> com.rogerguay.rogerevenbettersecondapp
>
> Now, that's all good for development purposes, but for distribution you want a full app ID that matches the actual product app ID, and is unique.
>
> So, the right way to have a fresh start would be to make a new app ID that was the full ID:
>
> com.rogerguay.rogerrealapp
>
> make a new distribution ad hoc provisioning profile, that has all of your devices selected, used your current distribution certificate, and was based on that full app ID.
>
> Once you have tested that build on your devices, and it's perfect, make another provisioning profile as App Store, and do one more build with the App Store profile selected. It's still based on the same app ID, and the distribution certificate, but it's anonymous as far as devices go. There is even a chance that you won't be able to test it.
>
>
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

Dave Kilroy
In reply to this post by Graham Samuel-4
Hi all

OK I can now sign code and build apps for iOS!

I'm not 100% sure how I did it, but there were two critical stages: the first was when I realised that the rogue extra development certificate MUST be hiding somewhere on my MacBook Pro (I had previously been convinced it was hiding somewhere in my account on the Provisioning Portal).

Then, after several hours of fruitless looking today, when I was back in Keychain Access for the umpteenth time I removed the 'login' keychain from view (by accident I think) and had a look in the 'system' keychain - and in there was the naughty developer certificate waiting for me (without a public or private key). For some reason it didn't show up if I was looking in the 'system' keychain whilst the 'login' keychain was in the left-hand panel of Keychain Access, but once the 'login' keychain was gone the certificate showed up!

So I deleted the naughty certificate, switched back to XCode and removed all provisioning profiles, certificates etc, revoked provisioning profiles and certificates on the Provisioning Portal and rebooted. When I reopened XCode I was planning to hit the 'refresh' button and let XCode get all new profiles and certificates for me - but when I saw the blank login screen realised that I would need my 'login' keychain back again - so I went back to Keychain Access and imported the 'login' keychain once again, went back to XCode and hit the 'Refresh' button - after a few seconds it created new profiles and certificates for me with no sign of extra developer certificates!

I then tested my XCode 'Hello World' app and that built OK and installed on my iPad - I then opened LiveCode and built and installed a LiveCode app - and everything worked perfectly Woohoo!!!

So one of the main things I learnt today is that the keychains in Keychain Access are actually separate entities and 'a bit tricky'

I'm pretty sure that I included a lot of unnecessary steps in my description above - and I look forward to hearing from others on better ways of handling keychains in Keychain Access and better ways of achieving what I did by accident :)

Kind regards

Dave

PS: the Apple Worldwide Developer Center staff I dealt with were all very nice and intelligent people - but they were of no help to me at all.
"The first 90% of the task takes 90% of the time, and the last 10% takes the other 90% of the time."
Peter M. Brigham
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

RogGuay
Hi Dave,


I just wanted to tell you how appreciative I am for this feedback. I'm still experiencing this codesign failure problem, and I don't know where to turn for help other than this list. I'll try to use your information to solve my problem next week as I am entertaining guests for a few days, but I didn't want to wait that long to thank you.

Roger


On Jan 10, 2013, at 5:00 PM, Dave Kilroy2 <[hidden email]> wrote:

> Hi all
>
> OK I can now sign code and build apps for iOS!
>
> I'm not 100% sure how I did it, but there were two critical stages: the
> first was when I realised that the rogue extra development certificate MUST
> be hiding somewhere on my MacBook Pro (I had previously been convinced it
> was hiding somewhere in my account on the Provisioning Portal).
>
> Then, after several hours of fruitless looking today, when I was back in
> Keychain Access for the umpteenth time I removed the 'login' keychain from
> view (by accident I think) and had a look in the 'system' keychain - and in
> there was the naughty developer certificate waiting for me (without a public
> or private key). For some reason it didn't show up if I was looking in the
> 'system' keychain whilst the 'login' keychain was in the left-hand panel of
> Keychain Access, but once the 'login' keychain was gone the certificate
> showed up!
>
> So I deleted the naughty certificate, switched back to XCode and removed all
> provisioning profiles, certificates etc, revoked provisioning profiles and
> certificates on the Provisioning Portal and rebooted. When I reopened XCode
> I was planning to hit the 'refresh' button and let XCode get all new
> profiles and certificates for me - but when I saw the blank login screen
> realised that I would need my 'login' keychain back again - so I went back
> to Keychain Access and imported the 'login' keychain once again, went back
> to XCode and hit the 'Refresh' button - after a few seconds it created new
> profiles and certificates for me with no sign of extra developer
> certificates!
>
> I then tested my XCode 'Hello World' app and that built OK and installed on
> my iPad - I then opened LiveCode and built and installed a LiveCode app -
> and everything worked perfectly Woohoo!!!
>
> So one of the main things I learnt today is that the keychains in Keychain
> Access are actually separate entities and 'a bit tricky'
>
> I'm pretty sure that I included a lot of unnecessary steps in my description
> above - and I look forward to hearing from others on better ways of handling
> keychains in Keychain Access and better ways of achieving what I did by
> accident :)
>
> Kind regards
>
> Dave
>
> PS: the Apple Worldwide Developer Center staff I dealt with were all very
> nice and intelligent people - but they were of no help to me at all.
>
>
>
> --
> View this message in context: http://runtime-revolution.278305.n4.nabble.com/iOS-standalone-what-to-do-about-code-signing-failures-tp4658701p4658789.html
> Sent from the Revolution - User mailing list archive at Nabble.com.
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

Andre Garzia-3
In reply to this post by Dave Kilroy
Dave,

Open Keychain Access.app and look for expired certificates.


On Sun, Jan 6, 2013 at 6:30 PM, Dave Kilroy <[hidden email]>wrote:

> Hi Graham
>
> If I try to build a standalone for iOS I'll get two error messages; the
> first alert (showing the LiveCode logo) says:
>
> "Codesigning failed with 1) 0C076C94DC082497E47F5FA2F5A390A29E2C400
> "iPhone Developer: Dave Kilroy (E7QB8D7WFM)" "
>
> As well as a "1)" I'll also get a "2)" a "3)" and a "4)" failures, most
> but not all apparently lined to my 'bad' developer certificate
>
> If I 'OK' that error message I'll get another, this time with a red 'X'
> symbol telling me that "There was an error saving the standalone
> application" with the same error from the previous alert repeated
>
> What do you see when your codesigning fails? With any luck you don't have
> the same problem I have!
>
> BTW, just in case you seem to have an extra, unwanted certificate, it is
> worth checking that KeyChain (watch out for storage of public and private
> keys) and Xcode (watch out for the Preferences folder in the Library) are
> not holding copies of such a certificate on your hard-drive
>
> Good luck!
>
> Dave
>
>
>
> > I've been posting about certificate renewal etc so that I can go on with
> iOS development after my profiles / certificates or whatever have expired.
> I thought I had created a new set of stuff, and XCode now reports that I
> have valid Provisioning Profiles (don't know why I've got more than one,
> but I have), plus a (valid) specific profile on the device I'm currently
> trying to test on (an iPad 2).  Oh, and I also have active ad hoc
> distribution certificate.
> >
> > My app works in the simulator, but when I try to save it as a standalone
> in order to get it onto the iPad, I get codesigning failures: there seem to
> be six failures (whatever that means) and two of these look identical. I
> did not get these when I first set up my (now expired) digital 'asset's
> (/rant don't you hate the hijacking of perfectly good English words for
> weird technical purposes? /rant).
> >
> > Can anyone tell me how to track down these failures and correct them? I
> just have no idea how to start. I haven't found anything helpful in the iOS
> notes for LC either. The only clue I have is that the XCode organizer seems
> to think I'm two teams with slightly different names. I would gladly delete
> one of these if I knew how, and I suppose it might help.
> >
> > I've been staring at the Apple documentation for most of the day but I
> am well and truly stuck.
> >
> > Anxious
> >
> > Graham
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>



--
http://www.andregarzia.com -- All We Do Is Code.
http://fon.nu -- minimalist url shortening service.
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

Dave Kilroy
In reply to this post by Graham Samuel-4

Roger

Thanks for the thanks :)

I well remember what it felt like to be lost in codesigning marshes - not a nice place to be at all - so I hope the account of how I stumbled upon my way out is of use to you

Actually, a couple of messages after your one Andre advised me to look in Keychain Access - and he was right! - So with any luck if my meanderings don't help then someone else from the list will know what to do.

Regarding sources of help - don't do what I did and rely on the Apple WorldWide Developer Center - I wasted months (literally) waiting for something from them - and would have been much better off continuing to stay actively searching for a solution rather than switching to passively waiting for Apple to tell me what to do.

Having said that, one of the least nice things about the codesigning marshes is the loneliness - if there was someone else to discuss things with it would have been GREAT, someone who could have helped me think through what was going on and either help me uncover the flaws in my own thinking or else help ascertain 'known facts' - so if you would like to email me off list and use me as a sounding-board that would be just fine.

Best of luck!

Dave


Roger Guay <[hidden email] wrote:

> Hi Dave,
>
>
> I just wanted to tell you how appreciative I am for this feedback. I'm still experiencing this codesign failure problem, and I don't know where to turn for help other than this list. I'll try to use your information to solve my problem next week as I am entertaining guests for a few days, but I didn't want to wait that long to thank you.
>
> Roger
>
>
> On Jan 10, 2013, at 5:00 PM, Dave Kilroy2 <[hidden email]> wrote:
>
>> Hi all
>>
>> OK I can now sign code and build apps for iOS!
>>
>> I'm not 100% sure how I did it, but there were two critical stages: the
>> first was when I realised that the rogue extra development certificate MUST
>> be hiding somewhere on my MacBook Pro (I had previously been convinced it
>> was hiding somewhere in my account on the Provisioning Portal).
>>
>> Then, after several hours of fruitless looking today, when I was back in
>> Keychain Access for the umpteenth time I removed the 'login' keychain from
>> view (by accident I think) and had a look in the 'system' keychain - and in
>> there was the naughty developer certificate waiting for me (without a public
>> or private key). For some reason it didn't show up if I was looking in the
>> 'system' keychain whilst the 'login' keychain was in the left-hand panel of
>> Keychain Access, but once the 'login' keychain was gone the certificate
>> showed up!
>>
>> So I deleted the naughty certificate, switched back to XCode and removed all
>> provisioning profiles, certificates etc, revoked provisioning profiles and
>> certificates on the Provisioning Portal and rebooted. When I reopened XCode
>> I was planning to hit the 'refresh' button and let XCode get all new
>> profiles and certificates for me - but when I saw the blank login screen
>> realised that I would need my 'login' keychain back again - so I went back
>> to Keychain Access and imported the 'login' keychain once again, went back
>> to XCode and hit the 'Refresh' button - after a few seconds it created new
>> profiles and certificates for me with no sign of extra developer
>> certificates!
>>
>> I then tested my XCode 'Hello World' app and that built OK and installed on
>> my iPad - I then opened LiveCode and built and installed a LiveCode app -
>> and everything worked perfectly Woohoo!!!
>>
>> So one of the main things I learnt today is that the keychains in Keychain
>> Access are actually separate entities and 'a bit tricky'
>>
>> I'm pretty sure that I included a lot of unnecessary steps in my description
>> above - and I look forward to hearing from others on better ways of handling
>> keychains in Keychain Access and better ways of achieving what I did by
>> accident :)
>>
>> Kind regards
>>
>> Dave
>>
>> PS: the Apple Worldwide Developer Center staff I dealt with were all very
>> nice and intelligent people - but they were of no help to me at all.
>>
>>
>>
>> --
>> V

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
"The first 90% of the task takes 90% of the time, and the last 10% takes the other 90% of the time."
Peter M. Brigham
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

Dave Kilroy
In reply to this post by Graham Samuel-4
Thanks Andre - you were right!

Dave



Andre Garzia <[hidden email]> wrote:

> Dave,
>
> Open Keychain Access.app and look for expired certificates.

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
"The first 90% of the task takes 90% of the time, and the last 10% takes the other 90% of the time."
Peter M. Brigham
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

RogGuay
In reply to this post by Dave Kilroy
Dave,

You nailed it on all counts, and I really appreciate your understanding and encouragement. I know that in the end I will prevail and it will most likely be the result of help from folks on this list such as yourself and Andre, and Colin and …… What's got me stymied at the moment is that I have already cleaned house in my Keychain and It made no difference.

In any case, I am currently busy entertaining guest for a couple of days and will return to the quest after that.

Thanks again for your encouragement, Dave. For what it's worth, I will update the list as I make progress.

Roger




On Jan 13, 2013, at 4:11 PM, Dave Kilroy <[hidden email]> wrote:

>
> Roger
>
> Thanks for the thanks :)
>
> I well remember what it felt like to be lost in codesigning marshes - not a nice place to be at all - so I hope the account of how I stumbled upon my way out is of use to you
>
> Actually, a couple of messages after your one Andre advised me to look in Keychain Access - and he was right! - So with any luck if my meanderings don't help then someone else from the list will know what to do.
>
> Regarding sources of help - don't do what I did and rely on the Apple WorldWide Developer Center - I wasted months (literally) waiting for something from them - and would have been much better off continuing to stay actively searching for a solution rather than switching to passively waiting for Apple to tell me what to do.
>
> Having said that, one of the least nice things about the codesigning marshes is the loneliness - if there was someone else to discuss things with it would have been GREAT, someone who could have helped me think through what was going on and either help me uncover the flaws in my own thinking or else help ascertain 'known facts' - so if you would like to email me off list and use me as a sounding-board that would be just fine.
>
> Best of luck!
>
> Dave
>
>
> Roger Guay <[hidden email] wrote:
>
>> Hi Dave,
>>
>>
>> I just wanted to tell you how appreciative I am for this feedback. I'm still experiencing this codesign failure problem, and I don't know where to turn for help other than this list. I'll try to use your information to solve my problem next week as I am entertaining guests for a few days, but I didn't want to wait that long to thank you.
>>
>> Roger
>>
>>
>> On Jan 10, 2013, at 5:00 PM, Dave Kilroy2 <[hidden email]> wrote:
>>
>>> Hi all
>>>
>>> OK I can now sign code and build apps for iOS!
>>>
>>> I'm not 100% sure how I did it, but there were two critical stages: the
>>> first was when I realised that the rogue extra development certificate MUST
>>> be hiding somewhere on my MacBook Pro (I had previously been convinced it
>>> was hiding somewhere in my account on the Provisioning Portal).
>>>
>>> Then, after several hours of fruitless looking today, when I was back in
>>> Keychain Access for the umpteenth time I removed the 'login' keychain from
>>> view (by accident I think) and had a look in the 'system' keychain - and in
>>> there was the naughty developer certificate waiting for me (without a public
>>> or private key). For some reason it didn't show up if I was looking in the
>>> 'system' keychain whilst the 'login' keychain was in the left-hand panel of
>>> Keychain Access, but once the 'login' keychain was gone the certificate
>>> showed up!
>>>
>>> So I deleted the naughty certificate, switched back to XCode and removed all
>>> provisioning profiles, certificates etc, revoked provisioning profiles and
>>> certificates on the Provisioning Portal and rebooted. When I reopened XCode
>>> I was planning to hit the 'refresh' button and let XCode get all new
>>> profiles and certificates for me - but when I saw the blank login screen
>>> realised that I would need my 'login' keychain back again - so I went back
>>> to Keychain Access and imported the 'login' keychain once again, went back
>>> to XCode and hit the 'Refresh' button - after a few seconds it created new
>>> profiles and certificates for me with no sign of extra developer
>>> certificates!
>>>
>>> I then tested my XCode 'Hello World' app and that built OK and installed on
>>> my iPad - I then opened LiveCode and built and installed a LiveCode app -
>>> and everything worked perfectly Woohoo!!!
>>>
>>> So one of the main things I learnt today is that the keychains in Keychain
>>> Access are actually separate entities and 'a bit tricky'
>>>
>>> I'm pretty sure that I included a lot of unnecessary steps in my description
>>> above - and I look forward to hearing from others on better ways of handling
>>> keychains in Keychain Access and better ways of achieving what I did by
>>> accident :)
>>>
>>> Kind regards
>>>
>>> Dave
>>>
>>> PS: the Apple Worldwide Developer Center staff I dealt with were all very
>>> nice and intelligent people - but they were of no help to me at all.
>>>
>>>
>>>
>>> --
>>> V
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: iOS standalone - what to do about code signing failures?

Robert Sneidar
In reply to this post by Dave Kilroy
It may help everyone who is new to deploying to Macintosh with certificates to read up on how OS X deals with storing certificates. Basically, OS X puts everything having to do with security in the Keychain. This allows a user to increase his own security by keeping the keychain locked, so that only someone with his user name and password can have access to it, as well as keeping all the user names, passwords, and certificates under a single sign on.

It's intended to make security easier to manage for the end user, but as is typical, what is easier for the end user is harder for the developer.

Microsoft has a similar mechanism, as evidenced each time a user logs into anything, where the browser or authentication dialog may permit the user to "remember the password".

Bob


On Jan 13, 2013, at 3:11 PM, Dave Kilroy wrote:

>
> Roger
>
> Thanks for the thanks :)
>
> I well remember what it felt like to be lost in codesigning marshes - not a nice place to be at all - so I hope the account of how I stumbled upon my way out is of use to you
>
> Actually, a couple of messages after your one Andre advised me to look in Keychain Access - and he was right! - So with any luck if my meanderings don't help then someone else from the list will know what to do.
>
> Regarding sources of help - don't do what I did and rely on the Apple WorldWide Developer Center - I wasted months (literally) waiting for something from them - and would have been much better off continuing to stay actively searching for a solution rather than switching to passively waiting for Apple to tell me what to do.
>
> Having said that, one of the least nice things about the codesigning marshes is the loneliness - if there was someone else to discuss things with it would have been GREAT, someone who could have helped me think through what was going on and either help me uncover the flaws in my own thinking or else help ascertain 'known facts' - so if you would like to email me off list and use me as a sounding-board that would be just fine.
>
> Best of luck!
>
> Dave
>
>
> Roger Guay <[hidden email] wrote:
>
>> Hi Dave,
>>
>>
>> I just wanted to tell you how appreciative I am for this feedback. I'm still experiencing this codesign failure problem, and I don't know where to turn for help other than this list. I'll try to use your information to solve my problem next week as I am entertaining guests for a few days, but I didn't want to wait that long to thank you.
>>
>> Roger
>>
>>
>> On Jan 10, 2013, at 5:00 PM, Dave Kilroy2 <[hidden email]> wrote:
>>
>>> Hi all
>>>
>>> OK I can now sign code and build apps for iOS!
>>>
>>> I'm not 100% sure how I did it, but there were two critical stages: the
>>> first was when I realised that the rogue extra development certificate MUST
>>> be hiding somewhere on my MacBook Pro (I had previously been convinced it
>>> was hiding somewhere in my account on the Provisioning Portal).
>>>
>>> Then, after several hours of fruitless looking today, when I was back in
>>> Keychain Access for the umpteenth time I removed the 'login' keychain from
>>> view (by accident I think) and had a look in the 'system' keychain - and in
>>> there was the naughty developer certificate waiting for me (without a public
>>> or private key). For some reason it didn't show up if I was looking in the
>>> 'system' keychain whilst the 'login' keychain was in the left-hand panel of
>>> Keychain Access, but once the 'login' keychain was gone the certificate
>>> showed up!
>>>
>>> So I deleted the naughty certificate, switched back to XCode and removed all
>>> provisioning profiles, certificates etc, revoked provisioning profiles and
>>> certificates on the Provisioning Portal and rebooted. When I reopened XCode
>>> I was planning to hit the 'refresh' button and let XCode get all new
>>> profiles and certificates for me - but when I saw the blank login screen
>>> realised that I would need my 'login' keychain back again - so I went back
>>> to Keychain Access and imported the 'login' keychain once again, went back
>>> to XCode and hit the 'Refresh' button - after a few seconds it created new
>>> profiles and certificates for me with no sign of extra developer
>>> certificates!
>>>
>>> I then tested my XCode 'Hello World' app and that built OK and installed on
>>> my iPad - I then opened LiveCode and built and installed a LiveCode app -
>>> and everything worked perfectly Woohoo!!!
>>>
>>> So one of the main things I learnt today is that the keychains in Keychain
>>> Access are actually separate entities and 'a bit tricky'
>>>
>>> I'm pretty sure that I included a lot of unnecessary steps in my description
>>> above - and I look forward to hearing from others on better ways of handling
>>> keychains in Keychain Access and better ways of achieving what I did by
>>> accident :)
>>>
>>> Kind regards
>>>
>>> Dave
>>>
>>> PS: the Apple Worldwide Developer Center staff I dealt with were all very
>>> nice and intelligent people - but they were of no help to me at all.
>>>
>>>
>>>
>>> --
>>> V
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
12