I'm signing an app using an Apple Enterprise certificate and an in-house provisioning profile. I've added the IPA, along with the manifest.plist, to an HTTPS page and I can install the icon at least, with the itms-services://?action=download-manifest&url= link. If I view the device with the Apple Configurator app I can verify the provisioning profile was installed on the device.

BUT: when I try to open the app I don't get the expected message Untrusted Enterprise Developer and I don't see the option to trust the profile in Settings > General > Device Management. Instead I get a message This app cannot be installed because its integrity could not be verified. I see the same message in console logs as well as "A valid provisioning profile for this executable was not found".

This is a MAUI app but I'm getting the same problem if I create an app in Xamarin with the same app id. HOWEVER: if I create an app with the same app id in Xcode it works fine. All three are using the same manifest.plist, app id, version, build number, etc.

It's got to be a certificate issue, right? But I've checked a million times to make sure dotnet publish is using the correct cert. I've un-zipped the IPA after it's built and verified the correct provisioning profile was added. I've re-signed with Xcode and tried using that IPA. I'm not sure what else to try and I don't know why it works with an Xcode project but not Xamarin / MAUI.

Anyone have any ideas?

CodePudding user response：

After much trial and error I was able to solve this by building using the command line only and not putting any of the Codesign information in a PropertyGroup in the .csproj. According to the documentation this shouldn't be necessary but it's working for me now.

My full build command is:

dotnet publish -f:net7.0-ios -c:Release /p:RuntimeIdentifier=ios-arm64 /p:ArchiveOnBuild=true /p:CodeSignProvision="your provisioning profile name"  /p:CodesignKey="Your distribution certificate name”