Run iOS Applications on Non-Jailbroken Devices
For a jailbroken device, it's as simple as obtaining an unencrypted version of your application and applying the app's binary entitlements with an Ad Hoc signature to the app bundle to ensure the original entitlements are preserved. This process is documented here.
Non-jailbroken iOS devices enforce additional code signature verification to ensure that only trusted applications run on these types of iOS devices. Due to this, a valid Apple Developer certificate needs to be used for signing.
When going through the distribution process in Xcode to run your application on non-jailbroken devices, you will need to choose a distribution method that creates an embedded.mobileprovision
file known as the provisioning profile.
For individual testing purposes, opting for Ad Hoc or Development distribution includes the embedded.mobileprovision
that will contain the UDIDs of the provisioned devices if they have been registered under the same Apple Developer account used for signing. Please note that the App Store Connect method does not create an embedded.mobileprovision
file and is meant to be uploaded directly to the App Store.
Once you've compiled your application with a distribution method that includes a provisioning profile along with being signed by a valid Apple certificate, you will need to apply the UDID of a provisioned device to the virtual iOS device to allow the device to run the application.
For Enterprise distributions, the provisioned devices will not be contained in your embedded.mobileprovision
file but are found under your Enterprise Developer portal.
You can find the embedded.mobileprovision
by unzipping the .ipa
file and navigating to the app bundle directory: Payload/yourapp.app/embedded.mobileprovision
. The provisioned device's UDIDs can be easily found by running strings
on the binary file and grepping for the provisioned devices.
% strings embedded.mobileprovision | grep -A 4 "ProvisionedDevices"
<key>ProvisionedDevices</key>
<array>
<string>babb3583849a41eb260a8f90b567def01edabea5</string>
<string>9564a02c6255d8c449a3f691aeb8296dd352f3d6</string>
</array>