RORK LABJP
FREETRY — Rork announced on X that Rork Max is free to try for a limited time, a chance to touch the $200/month tier without paying up frontONESHOT — Rork Max claims to one-shot almost any app for iPhone, Watch, iPad, TV, and Vision Pro, including builds that lean on AR and 3DXCODE — Positioned as a website that replaces Xcode: one click to install on device, two clicks to publish to the App Store, powered by Swift, Claude Code, and OpusPAPERLINE — Rork acquired the app builder Paperline and says it will stay acquisitive to bring in engineering talentSKILLS — Rork's app-store-connect-cli-skills repo was updated on July 9, a sign the submission tooling keeps getting attentionMARKET — Gartner expects 75% of new applications to be built with low-code or no-code tools by the end of 2026, up from under 25% in 2020FREETRY — Rork announced on X that Rork Max is free to try for a limited time, a chance to touch the $200/month tier without paying up frontONESHOT — Rork Max claims to one-shot almost any app for iPhone, Watch, iPad, TV, and Vision Pro, including builds that lean on AR and 3DXCODE — Positioned as a website that replaces Xcode: one click to install on device, two clicks to publish to the App Store, powered by Swift, Claude Code, and OpusPAPERLINE — Rork acquired the app builder Paperline and says it will stay acquisitive to bring in engineering talentSKILLS — Rork's app-store-connect-cli-skills repo was updated on July 9, a sign the submission tooling keeps getting attentionMARKET — Gartner expects 75% of new applications to be built with low-code or no-code tools by the end of 2026, up from under 25% in 2020
Articles/Dev Tools
Dev Tools/2026-07-17Advanced

The Update That Failed Because a Profile Expired Three Months Ago

Apple signing assets expire quietly and nothing tells you. Here is how to count the days left with the App Store Connect API and put the audit on a weekly Cloudflare Workers cron.

Rork513Rork Max228App Store Connect API4CertificatesOperations6

Premium Article

I opened an old app to make a small fix. The build succeeded. Submission stopped cold. The provisioning profile had expired three months earlier.

The expiry itself was not the problem. The problem was that nothing existed to tell me it had happened. Certificates and profiles lapse in silence. The next person to attempt a build finds out — and that person is always in a hurry.

Rork and Rork Max deepen this blind spot. Compilation happens in the cloud, submission takes two clicks, and the whole thing feels frictionless. Meanwhile your signing assets sit inside your own Apple Developer account, aging where you cannot see them.

Running several apps in parallel as a solo developer, I could not hold "which profile on which app expires when" in my head. So I handed the counting to a machine.

What Expires, and What Actually Breaks

Get the mechanics right before designing a response. Misreading this table leads to panic over problems that do not exist.

Asset Typical lifetime What happens at expiry
Apple Distribution certificate ~3 years You cannot sign new builds. Shipped apps keep running
Apple Development certificate ~1 year Device debugging signatures stop working
App Store provisioning profile ~1 year You cannot produce submission builds. Shipped apps are unaffected
Ad Hoc / Development profile ~1 year Builds distributed with it stop launching
APNs auth key (.p8) No expiry Never lapses. Only rotate on loss or exposure
App Store Connect API key No expiry Never lapses. Rotate on personnel change or exposure

The two bolded rows are where the confusion lives.

Apps already distributed through the App Store do not stop working when your certificate or profile expires. Apple validates signatures at review and distribution time, not on every launch on every device. Get this backwards and you will respond to an emergency that is not happening.

Ad Hoc and development-signed builds behave differently. There, the profile expiry is enforced on-device, and your testers really do find the app refusing to open.

So the practical damage sorts out like this:

  • Live apps: no user impact — but you cannot fix anything until signing is restored
  • Internal or tester builds: real impact, on the expiry date, with no warning
  • An urgent bug fix: the worst pairing. You rebuild your signing chain exactly when you have no time for it

I went three months without noticing precisely because nothing broke. The absence of damage is what removed every opportunity to find out.

Who Holds the Keys in Rork and Rork Max

Worth pinning down, because a vague answer here becomes "surely Rork handles that for me."

Path Where signing assets live What remains yours to manage
Rork (React Native + Expo) via EAS Build Expo's servers (remote credentials) The certificates in your Apple account, and the slot limit
Rork Max (cloud Mac compilation) Auto-generated through an API key Rork holds The key's role, plus auditing what got generated
Local Xcode archive Your local keychain Everything, backups included

Whichever path you take, the certificates and profiles themselves live in your Apple Developer account. They are your assets. Build services merely issue and fetch them on your behalf. The slot limit fills up in your account. The clock runs down in your account.

Automatic generation is convenient. Convenience is not the same thing as awareness. I have written more on where these boundaries fall in the Rork Max and Expo responsibility split, if that context is useful.

Thank you for reading this far.

Continue Reading

What follows includes implementation code, benchmarks, and practical content we hope you'll find useful. This site runs without ads — server and development costs are supported entirely by members like you. If it's been helpful, we'd be truly grateful for your support.

WHAT YOU'LL LEARN
What actually breaks when a certificate expires — and the widely misunderstood case that does not
A dependency-free Node.js script that reads expiry dates straight from the App Store Connect API
A weekly Cloudflare Workers cron that only speaks up when something is genuinely close to lapsing
Secure payment via Stripe · Cancel anytime

Unlock This Article

Get full access to the rest of this article. Buy once, read anytime. This site is ad-free — your support goes directly toward keeping it running.

or
Unlock all articles with Membership →
Share

Thank You for Reading

Rork Lab is ad-free, supported entirely by members like you. We publish practical guides daily with implementation code, benchmarks, and production-ready patterns. If you've found it useful, we'd love to have you on board.

  • Copy-paste ready implementation code
  • New advanced guides published daily
  • $5/mo or $10 for lifetime access
View Membership →

Related Articles

Dev Tools2026-07-17
Killing the Export Compliance Prompt in Rork Builds for Good
Every Rork and Rork Max build lands in App Store Connect with a Missing Compliance warning. Here is how to decide whether you qualify for the exemption, and how to set it once in app.json or Info.plist so the question never returns.
Dev Tools2026-07-10
The Termination That Never Shows Up as a Crash — Reading JetsamEvent in Rork Apps
Crashlytics is silent, yet reviewers write that the app closes by itself. Most of the time the OS killed it for exceeding its memory limit. Here is how to read JetsamEvent reports and design an image-heavy app's memory budget from measured values.
Dev Tools2026-07-10
Every Key You Ship Is Public: Secret Boundaries and Rotation for Rork-Generated Apps
Unzip your own .ipa, run strings, and your environment variables are right there in plain text. Here is how I sort keys into three tiers, move the dangerous ones behind an edge proxy, and keep a rotation runbook that assumes leakage.
📚RECOMMENDED BOOKS
Build a Large Language Model (From Scratch)
Sebastian Raschka
LLM Dev
Prompt Engineering for LLMs
Berryman & Ziegler
Prompting
AI Engineering
Chip Huyen
AI Eng
* Contains affiliate links
See all →