Making Sure that the App Is Properly Signed
You have to ensure that the app is using the latest code signature format. You can retrieve the signing certificate information from the application's .app file with codesign. Codesign is used to create, check, and display code signatures, as well as inquire into the dynamic status of signed code in the system.
After you get the application's IPA file, re-save it as a ZIP file and decompress the ZIP file. Navigate to the Payload directory, where the application's .app file will be.
Execute the following
codesign command to display the signing information:
$ codesign -dvvv YOURAPP.app Executable=/Users/Documents/YOURAPP/Payload/YOURAPP.app/YOURNAME Identifier=com.example.example Format=app bundle with Mach-O universal (armv7 arm64) CodeDirectory v=20200 size=154808 flags=0x0(none) hashes=4830+5 location=embedded Hash type=sha256 size=32 CandidateCDHash sha1=455758418a5f6a878bb8fdb709ccfca52c0b5b9e CandidateCDHash sha256=fd44efd7d03fb03563b90037f92b6ffff3270c46 Hash choices=sha1,sha256 CDHash=fd44efd7d03fb03563b90037f92b6ffff3270c46 Signature size=4678 Authority=iPhone Distribution: Example Ltd Authority=Apple Worldwide Developer Relations Certification Authority Authority=Apple Root CA Signed Time=4 Aug 2017, 12:42:52 Info.plist entries=66 TeamIdentifier=8LAMR92KJ8 Sealed Resources version=2 rules=12 files=1410 Internal requirements count=1 size=176
There are various ways to distribute your app as described at the Apple documentation, which include using the App Store or via Apple Business Manager for custom or in-house distribution. In case of an in-house distribution scheme, make sure that no ad hoc certificates are used when the app is signed for distribution.