Error ITMS-90165 when publishing App to Apple App Store

Hello, fellow community members! 

Due to some Apple Certificates that are used to create provisioning profiles having expired on April 12 2022, when trying to upload apps to the Apple App Store, customers will receive the error 'ITMS-90165'


Unfortunately, we couldn’t find official information from Apple regarding this, only multiple unofficial sources of people complaining, ranging from twitter to github issues on some repos and apple forum posts.

This issue and expiration dates are NOT the expiration date of the provisioning profile, but rather an expiration date on certificates controlled by Apple to digitally sign the provisioning profile.

When apple creates a provisioning profile, they digitally sign the file. They were doing this by using 3 distinct certificates:

EXPIRED Subject: C=US, O=Apple Inc., OU=Apple Certification Authority, CN=Apple iPhone Certification Authority
EXPIRED Subject: C=US, O=Apple Inc., CN=Apple iPhone OS Provisioning Profile Signing
        Subject: C=US, O=Apple Inc., OU=Apple Certification Authority, CN=Apple Root CA

2 of which have expired on Apr 12 17:43:28 2022 GMT

Anyone that needs to push an app to the App Store should check if their provisioning profiles were signed like this and, if so, they need to regenerate the provisioning profile and regenerate the app so Apple signs the files with non expired certificates so it can be accepted on the store.


Thank you,
Carlos Sotelo


Just adding some information on how to validate if the provisioning profile is afflicted by this.

To validate the provisioning profile ZZZ.mobileprovisionwe can use openssl or other tools to check the digital signature of the file itself, searching for the validity of the certificates that have signed the provisioning profile.

openssl pkcs7 -print_certs -text -in ZZZ.mobileprovision -inform der

That will output the full information of the certificates. This should be a rather big output with many details about the certificates. These afflicted files should have been signed by at least 1 of the expired certificates:

EXPIRED Subject: C=US, O=Apple Inc., OU=Apple Certification Authority, CN=Apple iPhone Certification Authority
EXPIRED Subject: C=US, O=Apple Inc., CN=Apple iPhone OS Provisioning Profile Signing
        Subject: C=US, O=Apple Inc., OU=Apple Certification Authority, CN=Apple Root CA


Great thanks for sharing

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.