diff --git a/isideload/src/sideload/sideloader.rs b/isideload/src/sideload/sideloader.rs index 296567c..ab4a555 100644 --- a/isideload/src/sideload/sideloader.rs +++ b/isideload/src/sideload/sideloader.rs @@ -18,8 +18,9 @@ use crate::{ use std::path::PathBuf; +use apple_codesign::{AppleCertificate, cryptography::parse_pfx_data}; use idevice::provider::IdeviceProvider; -use rootcause::prelude::*; +use rootcause::{option_ext::OptionExt, prelude::*}; use tracing::info; pub struct Sideloader { @@ -168,12 +169,15 @@ impl Sideloader { ) .await?; + let settings = + sign::signing_settings(&cert_identity).context("Failed to create signing settings")?; + sign::sign( + settings, &mut app, - &cert_identity, - &provisioning_profile, + provisioning_profile.encoded_profile.as_ref(), &special, - &team, + &team.team_id, ) .context("Failed to sign app")?; @@ -255,6 +259,37 @@ impl Sideloader { Ok(team) } + pub async fn sign_cert( + app_path: PathBuf, + p12: Vec, + password: &str, + provisioning_profile: Vec, + ) -> Result<(PathBuf, Option), Report> { + let (cert, key) = parse_pfx_data(&p12, password).context("Failed to parse p12")?; + let team_id = cert + .apple_team_id() + .ok_or_report() + .context("Certificate is missing Apple team ID")?; + let settings = sign::imported_cert_signing_settings(&key, cert) + .context("Failed to create signing settings")?; + + let mut app = Application::new(app_path)?; + let special = app.get_special_app(); + + //app.update_bundle_id(&main_bundle_id, &main_app_id_str)?; + + sign::sign( + settings, + &mut app, + &provisioning_profile, + &special, + &team_id, + ) + .context("Failed to sign app")?; + + Ok((app.bundle.bundle_dir, special)) + } + pub fn get_dev_session(&mut self) -> &mut DeveloperSession { &mut self.dev_session } diff --git a/isideload/src/sideload/sign.rs b/isideload/src/sideload/sign.rs index 3468405..8149c35 100644 --- a/isideload/src/sideload/sign.rs +++ b/isideload/src/sideload/sign.rs 
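Review bot: In `sign_cert`, the p12 and the provisioning profile both come from the caller and nothing visible checks that they belong together: `team_id` is read from the certificate while the entitlements are taken from the profile bytes. A mismatched pair would presumably be signed without complaint and only be rejected later on the device, so I would fail early, for example in `sign::sign` right after `entitlements_from_prov` returns: `entitlements.get("com.apple.developer.team-identifier").and_then(|v| v.as_string()).filter(|t| *t == team_id).ok_or_report().context("Provisioning profile does not match the signing certificate's team")?;` (this assumes the profile's entitlements carry that key, as development profiles normally do). The commented-out `update_bundle_id` line should become a `// TODO:` that says why the bundle ID is left untouched on this path, or be removed. The function is declared `async` but the hunk shows no `.await`, so p12 parsing and signing run synchronously on the caller's executor thread; a plain `fn`, or a doc comment telling callers to offload it, would make that explicit.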
@@ -3,9 +3,9 @@ use plist::Dictionary; use plist_macro::plist_to_xml_string; use rootcause::{option_ext::OptionExt, prelude::*}; use tracing::info; +use x509_certificate::{CapturedX509Certificate, KeyInfoSigner}; use crate::{ - dev::{app_ids::Profile, teams::DeveloperTeam}, sideload::{ application::{Application, SpecialApp}, cert_identity::CertificateIdentity, @@ -14,18 +14,13 @@ use crate::{ }; pub fn sign( + mut settings: SigningSettings, app: &mut Application, - cert_identity: &CertificateIdentity, - provisioning_profile: &Profile, + provisioning_profile: &[u8], special: &Option, - team: &DeveloperTeam, + team_id: &str, ) -> Result<(), Report> { - let mut settings = signing_settings(cert_identity)?; - let entitlements: Dictionary = entitlements_from_prov( - provisioning_profile.encoded_profile.as_ref(), - special, - team, - )?; + let entitlements: Dictionary = entitlements_from_prov(provisioning_profile, special, team_id)?; settings .set_entitlements_xml( @@ -65,10 +60,25 @@ pub fn signing_settings<'a>(cert: &'a CertificateIdentity) -> Result( + key: &'a T, + cert: CapturedX509Certificate, +) -> Result, Report> { + let mut settings = SigningSettings::default(); + + settings.set_signing_key(key, cert); + + settings.set_for_notarization(false); + settings.set_shallow(true); + settings.chain_apple_certificates(); + settings.set_team_id_from_signing_certificate(); + Ok(settings) +} + fn entitlements_from_prov( data: &[u8], special: &Option, - team: &DeveloperTeam, + team_id: &str, ) -> Result { let start = data .windows(6) @@ -94,13 +104,13 @@ fn entitlements_from_prov( ) { let mut keychain_access = vec![plist::Value::String(format!( "{}.com.kdt.livecontainer.shared", - team.team_id + team_id ))]; for number in 1..128 { keychain_access.push(plist::Value::String(format!( "{}.com.kdt.livecontainer.shared.{}", - team.team_id, number + team_id, number ))); }
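Review bot: `pub fn sign` now takes raw profile bytes and a bare team ID string instead of the typed `Profile` and `DeveloperTeam`, but it has no doc comment saying what callers must pass. I would add `/// Signs the app in place with the given settings; provisioning_profile is the encoded profile the entitlements are extracted from, and team_id is the Apple team ID passed on to entitlements_from_prov.` above the signature. It is also worth documenting that `settings` is consumed and gets its entitlements set here, so callers should not set them beforehand. The body of `sign` continues past the end of this hunk.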
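Review bot: The new settings builder for imported certificates (called as `sign::imported_cert_signing_settings` from `sign_cert`) discards the results of `chain_apple_certificates()` and `set_team_id_from_signing_certificate()`. If I read the apple-codesign API correctly, both return an `Option` that is `None` when the certificate is not recognised as Apple-issued, which matters more here than in `signing_settings` because the certificate comes from a caller-supplied p12. I would turn the first call into `settings.chain_apple_certificates().ok_or_report().context("Certificate is not issued by a known Apple CA")?;` so that the `Result` return type carries a real failure instead of always being `Ok`. A short `///` comment saying that the function configures shallow, non-notarized signing with an imported key would also help readers of the module.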