I know how to view the expiration date of an .ipa file's provisioning profile (by renaming the ipa to zip, then unzip it and view the ExpirationDate key in the embedded.mobileprovisioning file).
But how can I view the expiration date of the certificate itself that was used to sign the ipa?
I found that you can use the codesign utility to "extract" certs:
codesign --display --extract-certificates /Applications/Example.app
This produces three files: codesign0, codesign1, codesign2. Not sure how to proceed after that.
Roy K
Do the following:
unzip -q MyApp.ipa
$ codesign -d --extract-certificates Payload/*.app
$ openssl x509 -inform DER -in codesign0 -noout -nameopt -oneline -dates
After doing the above, you will get output with:
notAfter=Aug 4 16:08:00 2017 GMT
This is the certificate expiration date.
来源:https://stackoverflow.com/questions/36453102/retrieve-certificate-expiration-date-from-an-ipa-file