Instructions clarifications in the Wiki

[imkh]

Version

iOS 18.3.1

Start going into detail..

No really a bug or a feature request 😄 I just went through the install process for the first time, and being relatively new to sideloading/jailbreak stuff, I encountered a couple of hiccups while following the wiki. From my quick search, it doesn't seem possible to open PRs for Wikis so I'm opening this issue.

In the Using an Apple Developer Account instructions page:

1. Step 1 of the Obtaining the .p12 section:

- 1. Open up keychain access on your macOS device
- * Find Certificate Assistant
- * Request a Certificate from a Certificate Authority
+ 1. Open up Keychain Access on your macOS device and in the app's menu bar, select **Keychain Access > Certificate Assistant > Request a Certificate from a Certificate Authority**.

"Find Certificate Assistant" is a bit vague so it took me some time to check the menu bar 🤦‍♂️

---

2. Step 4 of the Obtaining the .p12 section:

When importing the .cer file into Keychain Access via drag-and-drop, the user would typically be in the first selected tab All Items. Well for some reason, exporting the certificate as a .p12 file is disabled while on this tab. I had to go to the My Certificates tab first to have the .p12 option enabled.

Export in All items tab	Export in My Certificates tab

Not sure if this is a known quirk that's just obvious to more experienced users. Regardless, I think a simple change like this would do the trick:

- 4. You will now be able to select the certificate and export as a .p12 file. (This step will have you make a password, remember this for the end)
+ 4. Go to the "My Certificates" tab, select your certificate and export it as a `.p12` file. (This step will have you make a password, remember this for the end)

I also noticed that double-clicking the .cer file installs it as well, and even opens Keychain Access with the My Certificates tab directly selected. So it might be better to say this instead:

- 3. Import the .cer file into keychain access (drag and drop works fine)
+ 3. Import the .cer file into keychain access by double-clicking it

---

3. Step 1 of the Installation section:

- 1. Go to [sign.kravasign.com](https://sign.kravasign.com/)
+ 1. Go to [sign.kravasign.com](https://sign.kravasign.com/) on your iOS device

This I agree might be my lack of experience showing 😅 Since every steps until now was on my Mac, I just continued on... without anything happening. It took me longer than I'd like to admit to understand I had to do this step on my iPhone/iPad.

I think that's about it!

While I'm here, I had one question I was curious about: if I make a change to my Provisioning Profile (for example, adding/remove a device or selecting another certificate), does the .mobileprovision file changes? In another words, can I keep using the one I downloaded before making the changes, or do I need to download the new one and update it inside Feather's settings? (do I also need to reinstall Feather through KravaSigner? I don't believe so if I'm understanding things correctly)

[dreami-ng]

Hey @imkh ! I wrote the documentation for Feather, and I'm happy to help in any way possible. Firstly, I want to say that I appreciate the edits you suggested.

Regarding your question, I think I have an answer for you. Certificates are, in a way, static. That is the easiest way for me personally to visualize it.
Unless you revoke your certificate from ADP, remove the provisioning profile from the device, or the certificate itself expires which is the highest level monitoring; the apps previously signed with those files will be perfectly good and valid. I'm not sure exactly what you're saying though, regarding changes. Certain parameters correspond to a voided/revoked cert, and that will definitely give you problems.

Regarding what Feather itself is being signed with, that is practically irrelevant. So yes you do not need to reinstall Feather.

[imkh]

Yes, I did some more testing on my end: revoked my certificate, deleted my app ID and provisioning profile, and all my already signed apps were fine. But I obviously couldn't sign new apps.

What I meant about changes is: if I go my Provisioning Profile on ADP, click Edit, and change some stuff (for example, selecting another certificate, or adding/removing a device) then click Save. Am I supposed to redownload the .mobileprovision file and add it in Feather, or do my changes "apply" to the one I already downloaded/added before?

PS: I made some small edits to the issue with some improvements

[dreami-ng]

Ah, I think I understand now. Yes, you must redownload your .mobileprovision after making changes such as those you mentioned. For example, allowed devices are hardcoded into the ProvisionedDevices property- the permissions are tied to that file, not the config of your ADP. Apple does frequently update the exact format though, and in the future it may change. If you'd like to do analysis, you can remove the CMS wrapper with the security tool, and then jump around with cat.