iOS — look inside provisioning profile?

Question

Is it possible to inspect the insides of a provisioning profile? I am dealing with a code signing error because the entitlements do not match. Fixing this is rather difficult as I don't know how to inspect the entitlements in the provisioning profile. Hence I am shooting in the dark.

Related questions, none of which seem to help in my case:

• Code sign error with Xcode 3.2
• The executable was signed with invalid entitlements
• iPhone Entitlements problem with XCode 4 for Ad Hoc distribution

Answer 1

You can also do a text dump by typing

security cms -D -i <prov>

FWIW

• security is to Administer Keychains, keys, certificates and the Security framework.

• cms is a command within the security framework it stands for Cryptographic Message Syntax

• -D is for decoding

• -i means infile use infile as source of data (default: stdin)

Answer 2

You can more (or less) it in the terminal (Applications -> Utilities -> Terminal). Just respond with y to the question about viewing binary data.

The xml part is readable. For example you can view the ApplicationIdentifierPrefix and the keychain-access-groups. In the past those gave me some headaches.

Answer 3

A number of Quick Look plug-ins have been developed to inspect provisioning profiles:

• https://github.com/chockenberry/Provisioning
• https://github.com/ealeksandrov/ProvisionQL

After installing, just select the provisioning profile file in Finder and press space!

Answer 4

Simply select the embedded.mobileprovision and Open With... your favorite Text Editor. It may show a variety of encoding errors, but the parts you're concerned with, such as Entitlements and other keys, should be readily visible:

0Å   *H÷ ¶0²10 +0 +0 Ì!YëýI¬nuèzÑöçö°
...
<plist version="1.0">
<dict>
    <key>AppIDName</key>
    <string>Your App Name</string>

    ...

    <key>Entitlements</key>
    <dict>
        ...
        <key>aps-environment</key>
        <string>production</string>

Answer 5

No need for an external app. The quickest and easiest way to observe the contents on a mac is by clicking on the profile in the Finder. The preview will list the following things (as well as others):

• App ID Name
• App ID
• Team Name
• Creation, Expiration date
• Entitlements
• Certs
• Device whitelist

Answer 6

Right click and select "Get Info". It will show you certificates, provisioned devices and entitlements.