I recently explained the expiration behaviour of Apple Distribution certificates to someone, and thought it was worth sharing.

I often work on iOS applications signed with an Enterprise certificate. Applications signed with these certificates can be distributed directly to the device, such as through a Mobile Device Manager or through the browser. They cannot be distributed through the app store. These applications are signed with a distribution certificate. The Distribution Certificate can last up to one year, but may expire sooner. The distribution certificate will not last beyond the expiration of the account. If a app were signed by an account that has 7 months until renewal is needed, then the distribution certificate will also expire in 7 months.

Usually, this hasn’t been a problem for me. Many of the applications that I work on are either to be used for a predefined time period, such as for a holiday event, and then get shelved. Or they are applications that are receiving updates, in which case they will occasionally get new distribution certificates. I had a client that requested an iOS application be signed such that it would not expire. Someone in the development department for the client had resigned the application and redeployed it when it reached its first expiration period. But he wanted to be independent of their development department all together.

Unfortunately, this is not an option for iOS apps. The only way to have a version of the application that is immune to expiration would be to run it on an operating environment that doesn’t demand apps be signed with certificates that expire in a year or less. That is an option with Windows and Android, but not with iOS. For the best situation with iOS one needs an Mobile Device Manager (MDM). With an MDM, there is the option of making an updated distribution profile and pushing that out to the devices. Without the MDM then rebuild-and-redeploy is the only option.

This may be something that you’d like to consider when choosing hardware for a solution within an organization. iOS hardware is consistent in its form, performance, so on. While Android offers more openness, the variances in hardware is both an advantage and a disadvantage. I appreciate the ability to be able to make an app and install it to an Android device very quickly. OfCourse, the ability to do this easily also comes with the potential of bad actors doing the same. The barrier to getting malicious code on an iOS device is a bit higher.

Posts may contain products with affiliate links. When you make purchases using these links, we receive a small commission at no extra cost to you. Thank you for your support.

Mastodon: @j2inet@masto.ai
Instagram: @j2inet
Facebook: @j2inet
YouTube: @j2inet
Telegram: j2inet
Twitter: @j2inet