Why does my released ios app appear to be signed with my developer key?

Question

I wanted to see which certificate/provisioning profile had been used by Xcode after archiving my app for the app store. Since Xcode has an "automatic" option for picking a signing profile I need this to be able to troubleshoot some entitlement problems.

I found this document that said to use codesign -dvvv /path/to/MyGreatApp.app to find out.

Check the "Authority" field within the command results to see which identity owns the certificate used to sign the app:

Authority=iPhone Distribution: Appleseed Inc.

If the Authority of a distribution build reads "iPhone Developer" then a development Provisioning Profile was used to sign the app by mistake.

I tried this by selecting an archive I know has been on the appstore, viewing it in finder and from there using the path to myapp.xcarchive/Products/Applications/myapp.app in the above terminal command.

The output gives:

Authority=iPhone Developer: My Name

I double checked in the keychain, and that certificate is associated with my development key.

I have obviously misunderstood something in this process. 1. Why does it appear as if I signed a released app with a development key? And 2. how do I find out what profile/cert is associated with one of my submitted apps?

Answer 1

Just noticed that the app store submission dialog discloses a provisioning profile. I've always been on auto-pilot when clicking through those steps.

It clearly resigns the app on submission, all is well.

Still looking for an answer to question #2.