I'm currently using the iOS Developer Enterprise Program for Enterprise Deployment. I want to know what happens when the Certificate and/or the Provisioning profile expire. For now I created a bunch of provisioning profiles to be as far as I can from the expiration date. I want to know if I can securely delete old provisioning profiles that are possibly linked to an app, or whether the apps will stop working. Is it possible in some way that a user who has already downloaded an app will not be able to open it, or a new user will not be able to download it?
Thanks
The only requirement for an app to run on an iOS device is that there is at least one valid (non expired) provisioning profile on the device that is signed with a valid certificate (non expired / deleted) that has a bundle ID that matches the bundle id of the app you are trying to run.
So let's say I have 2 provisioning profiles I've created over the year for one app. The app's bundle ID is "com.example.testapp". One of the provisioning profiles was created with the app id "com.example.testapp" and it expires in 1 month. Another provisioning profile was created with a wildcard app id "com.example.*" and it expires in 3 months. You can safely delete the provisioning profiles and create a new one at any time, without affecting currently deployed apps from being able to run on devices. They will stop working once they hit the expiration date.
Continuing this example, let's say you have another app installed on the same device with a bundle id of "com.example.testapp2" and it was originally installed with a provisioning profile that specifically used the app id "com.example.testapp2" and the provisioning profile expires tomorrow. After tomorrow, the app will still work, because even though the "com.example.testapp2" provisioning profile is expired, there is another prov. profile on the device with a wildcard app id that matches, and that profile has not yet expired.
On another device that only has test app 2, and never had the wildcard provisioning profile installed, the app will stop working. You can either manually install the new provisioning profile (email it to the device user), or install a new app (or the same app again) bundled with the new provisioning profile.
So long story short, deleting provisioning profiles is generally safe, but do not invalidate the certificate until you are ready to re-package all your internal apps.
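The matching rule from the answer above, as an added example that is not part of the original posts: it reads the plist embedded in a `.mobileprovision` file and lists which unexpired profiles on a device cover a bundle ID. The team prefix `ABCDE12345`, the dates and the sample blobs are constructed, and the certificate check the answer also mentions is not performed here.

```python
import plistlib
from datetime import datetime, timedelta

def load_profile(blob: bytes) -> dict:
    """Pull the XML plist out of a .mobileprovision blob (CMS signature NOT verified)."""
    start, end = blob.find(b"<?xml"), blob.find(b"</plist>")
    if start < 0 or end < 0:
        raise ValueError("no embedded plist found")
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def matches(app_id: str, bundle_id: str) -> bool:
    """app_id is '<team prefix>.<bundle id or wildcard>'; compare without the prefix."""
    pattern = app_id.split(".", 1)[1]
    if pattern.endswith("*"):
        return bundle_id.startswith(pattern[:-1])
    return pattern == bundle_id

def usable_profiles(bundle_id, profiles, now):
    """Names of unexpired profiles on a device whose app ID covers bundle_id."""
    return [p["Name"] for p in profiles
            if p["ExpirationDate"] > now
            and matches(p["Entitlements"]["application-identifier"], bundle_id)]

def make_blob(name, app_id, expires):
    """Constructed sample: a plist wrapped in filler bytes standing in for the CMS envelope."""
    body = plistlib.dumps({"Name": name, "ExpirationDate": expires,
                           "Entitlements": {"application-identifier": app_id}})
    return b"\x30\x82" + b"constructed-cms-header" + body + b"constructed-signature"

NOW = datetime(2024, 1, 15)   # constructed "today"
TEAM = "ABCDE12345"           # constructed team prefix
SPECIFIC2 = load_profile(make_blob(
    "testapp2 only", f"{TEAM}.com.example.testapp2", NOW - timedelta(days=1)))
WILDCARD = load_profile(make_blob(
    "wildcard", f"{TEAM}.com.example.*", NOW + timedelta(days=90)))

DEVICE_A = [SPECIFIC2, WILDCARD]   # expired specific profile plus valid wildcard
DEVICE_B = [SPECIFIC2]             # only the expired specific profile

if __name__ == "__main__":
    for label, device in (("A", DEVICE_A), ("B", DEVICE_B)):
        ok = usable_profiles("com.example.testapp2", device, NOW)
        print(f"device {label}:", f"covered by {ok}" if ok else "no valid profile")
```

On a Mac, `security cms -D -i <file>` prints the same embedded plist from a real profile after decoding the CMS envelope.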
If you let either your Enterprise Distribution Certificate or the associated Provisioning Profiles expire, your apps will no longer load. The user will see the app start to load followed by an immediate crash. You have to renew your Enterprise Dist Cert every 3 years (you can have two concurrent / overlapping certs) and your Prov Profiles every year.
Seeing how the Provisioning Profile is the "weak link" in the chain at a yearly renewal, what we do is refresh/renew our Enterprise Dist Prov Profiles every 9 months (at a minimum) to keep those suckers fresh. Likewise, we renew our overlapped Enterprise Dist Cert no later than 9 months prior to the other Enterprise Dist Cert's expiration AND update the Dist Prov Profiles at the same time.
Answering your question more directly, I wouldn't risk killing the Provisioning Profile and tanking your deployed app. Since you're renewing that guy yearly, re-baseline everyone at the same time to restart the clock.