eas-cli: [iOS] Build & Submit: ITMS-90165 Invalid Provisioning Profile Signature
Build/Submit details page URL
https://expo.dev/accounts/xxxx/projects/xxxx/submissions/19290884-87d9-475a-9459-95b6e99ba166
Summary
I upgraded to 0.50.0, then builded, them published, and now I am getting this:
ERROR ITMS-90165: “Invalid Provisioning Profile Signature. The provisioning profile included in the bundle ‘xxxxx’ (Payload/Xxxxxxx.app) cannot be used to submit apps to the iOS App Store until it has a valid signature from Apple. For more information, visit the iOS Developer Portal.”
Yesterday I had no problem at all.
I downgraded to 0.49.0, builded, and published again, but still have the same problem.
I’m seeing that one of the PR for 0.50.0 is talking about Provisioning changes (https://github.com/expo/eas-cli/pull/1051). Maybe the bug is coming from there?
PS.: I also downloaded the build and tried to upload it from Transporter. Same error.
Managed or bare?
Managed
Environment
➜ cncor-app git:(main) npx expo-env-info
expo-env-info 1.0.2 environment info: System: OS: macOS 11.6.1 Shell: 5.8 - /bin/zsh Binaries: Node: 16.4.0 - ~/.nvm/versions/node/v16.4.0/bin/node Yarn: 1.22.18 - ~/.yarn/bin/yarn npm: 7.18.1 - ~/.nvm/versions/node/v16.4.0/bin/npm Watchman: 4.9.0 - /usr/local/bin/watchman SDKs: iOS SDK: Platforms: iOS 14.5, DriverKit 20.4, macOS 11.3, tvOS 14.5, watchOS 7.4 Android SDK: API Levels: 27, 29, 30 Build Tools: 23.0.1, 23.0.3, 25.0.3, 26.0.1, 27.0.3, 28.0.3, 29.0.2 System Images: android-29 | Google APIs Intel x86 Atom, android-30 | Google Play Intel x86 Atom IDEs: Android Studio: 2020.3 AI-203.7717.56.2031.7784292 Xcode: 12.5.1/12E507 - /usr/bin/xcodebuild npmPackages: expo: ^44.0.0 => 44.0.6 react: 17.0.1 => 17.0.1 react-dom: 17.0.1 => 17.0.1 react-native: 0.64.3 => 0.64.3 react-native-web: 0.17.1 => 0.17.1 npmGlobalPackages: eas-cli: 0.49.0 expo-cli: 5.3.0 Expo Workflow: managed
Error output
ERROR ITMS-90165: “Invalid Provisioning Profile Signature. The provisioning profile included in the bundle ‘xxxxx’ (Payload/Xxxxxxx.app) cannot be used to submit apps to the iOS App Store until it has a valid signature from Apple. For more information, visit the iOS Developer Portal.”
Reproducible demo or steps to reproduce from a blank project
Not sure if apply
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Reactions: 2
- Comments: 15 (2 by maintainers)
Hi guys, the solution is to remove the provisioning profile (you can do this here: https://expo.dev/accounts/[account]/projects/[project]/credentials?platform=ios ) and run
eas buildagain and let EAS CLI create a new provisioning profile for you.More info here: https://twitter.com/JI/status/1514043544897425408
I’ve pinned this issue for greater visibility for a short while and am closing it since I believe the root cause is known and there is a straightforward fix, though of course it would be nicer not to have to think about expiring credentials.
All of the EAS Submit issues we’ve investigated today have been due to expired certificates. The expiration date in your app’s provisioning profile is different than the expiration date of the certificates used to sign the profile. If the certificates have expired, the provisioning profile will be rejected.
The straightforward solution is to make a new provisioning profile. Delete your existing one and then get a new one from your account on the Apple Developer website and upload it to EAS, or let EAS CLI take care of getting a provisioning profile (
eas credentials,eas build).This step is not necessary but may help with debugging: you can view the signing certificates with:
openssl pkcs7 -print_certs -text -in embedded.mobileprovision -inform der. Specifically you want to make sure theNotAftertimestamp of all certificates in the chain is a date in the future.My provisioning details are this, while building:
It works. Thank you!
I’m using
eas-cli/0.47.0