Our Customer has an Enterprise Distribution certificate. We are signing their Apps and distribute them to their devices via Airwatch MDM.
Their Enterprise Distribution certificate is about to expire in January 2016. I have generated a new Enterprise Distribution certificate valid till December 2018. With this new Enterprise Distribution certificate I was able to generate a new Provisioning Profile.
I'm able to exchange the Provisioning Profile of all Apps with Airwatch without having to touch them.
However as the certificate has changed, is there a way I do not have to resign the apps with the new certificate? Is it possible to generate a new certificate with the same old private key?
Best Answer
No - spoofing the key signature would be equivalent to bypassing the chain of trust entirely. You'd probably be able to sell that exploit to bad actors and governments for a lot of money.
You will need to re-sign the apps and likely increment the version numbers on them before pushing them out since Apple doesn't re-sign things for you dynamically as they do with App store downloads.