I have updated my example over the air distribution script to use “xcrun PackageApplication” instead of manually creating the Payload directory and zipping that.
This allows you to use the same flow to package and sign your application that Xcode does. It also allows you to choose the signing certificate and provisioning profile completely separate from what was defined in the Xcode project.
You can see how to use “xcrun PackageApplication” here
Thanks to blog.octo.com for finding this.