@ingemar, thanks for that, but I had downloaded all the certificates via xcode initially.
I made a standard application in xCode and let xCode make an archive and then validate and upload it using the certificate that is installed. It worked without a hitch and quite fast.
I ran another application to check the .app,
The difference between the .app created by Corona and xCode was the object Code format is
Corona -> "bundle with generic"
xCode -> "bundle with Mach-O universal (armv7 armv7s (16777228:0))"
The remaining stuff like the certificates, code signature, etc are the same.
Now I can't simple replace the .app in the .xcarchive
So the outcome of this exercise was that the Certificate is ok and not an issue as the focus has been, the issue is that the .zip created by Corona is not liked by Application Loader for some reason and that has started with the new version of xCode.
If Corona can modify the settings for the xcode project from the back end on the server, I believe there is something that needs to be done there at the backend servers.
If it helps this app is not Universal and is build only for a single iOS device and in the build.settings the CFBundle entries are uncommented to make them specific than to avoid the com.bundle.IDENTIFIER type dynamic setting.
Any suggestions now?