Anyone who uses apps from third-party app stores such as Tweakbox, App Valley or Ignition is constantly at risk of their apps becoming “revoked”. This happens when the enterprise certificate that the service has bought gets cancelled by Apple. Enterprise certificates are only intended to be used within a business, not the general public. Because of this, when Apple finds a certificate being used by a third party app store service, they cancel it causing any existing or new app downloads with that certificate to stop working. This is what happens when your hacked apps suddenly stop working, or you’re unable to download apps from the third-party app store.
Luckily, it is possible to get around these revokes by using some DNS trickery. When apps are installed with an enterprise certificate, they will regularly check with Apple’s signing server to see if the certificate is still valid. To prevent this, you can use a local DNS server to block your device from being able to contact Apple’s server. To do this, you can use a free app from the App Store called DNSCloak.
Requirements & Notes
- This will NOT fix apps that are already revoked. Rather, it will prevent apps from being revoked in the first place.
- This works with all iOS versions.
- This works with all third-party app stores including:
– App Valley
- DNSCloak will need to be disabled whenever you want to install new apps.
- Open the notes app on your device and create a new note. In the note copy and paste the following URL:
- Tap the share icon in the top right, then choose the ‘Save to Files’ option. Save the file either to your iCloud Drive or any other folder.
- Download DNSCloak from the app store using the link above.
- Once installed, open DNSCloak. In the top left, tap the 3 yellow lines to open the app’s settings.
- Make sure that the ‘Connect On Demand’ toggle is turned on, and the ‘Show VPN icon’ toggle is turned off.
- Tap ‘Blacklists & Whitelist’ to show more options. Turn ON the ‘Enable Blacklist’ toggle.
- Tap the ‘Pick Blacklist file…’ button, then select the text file you saved earlier. It should be called ‘text’ unless you specifically changed it.
- Tap the back button in the top left to return to the main app menu. Tap the ‘adguard-dns’ item, followed by the ‘Use this server’ button.
- When prompted to allow DNSCloak to add VPN configurations, tap ‘Allow’. If you have a passcode set you will be asked to enter this.
- Now that the DNS service has been started, a new VPN should appear in the Settings app. To find it go to ‘Settings > General > VPN’.
- Once in the VPN menu, tap the ‘i’ icon next to the ‘DNSCloak’ configuration. Make sure the ‘Connect On Demand’ toggle is turned ON.
- That’s it! Any third party apps installed from now on should be immune to revokes as long as DNSCloak remains active.
Important Note: Whenever you want to download new apps from a third-party app store you will need to disable DNSCloak by opening the DNSCloak app and tapping the stop button (yellow square) at the top. Make sure to re-activate this quickly after the new app(s) are installed to prevent old ones being revoked. If existing apps do become revoked while doing this, you will need to re-download them