Re-signing an .ipa file for iOS distribution
There are several apps I currently have to re-sign. They are apps built by various outside vendors who do not want to share the source code, but we want the apps published from our account and we do not want to give them our certificate or access to publish the apps on our behalf. ¯\_(ツ)_/¯ These are the steps I use to re-sign them. I've decided to keep the steps manual because, frankly, it's an error-prone process, something done infrequently, and a moving target. Some detail always seems to shift with every major Xcode release or App Store change.
These steps are current as of iOS 14 and Xcode 12. They assume you already have your Distribution Certificate installed in Keychain.
I'm going to use an example named "Matt's App.ipa". If you need to provide instructions to a vendor to deliver this file to you properly, I've included what I use below.