I was wondering how was this website able to offer an iOS app for download directly from the browser bypassing the App Store?
(Please be advised that this is an adult-oriented app.)
http://app.941hd.com/ios_download.html
It seems they're using an enterprise certificate, which is intended for in-house corporate developers.
iOS Apps signed with those certificates can be downloaded and installed through a link by anyone, regardless of whether or not the developer has your UDID.
They would be violating their developer agreement with Apple and can expect to have their account suspended when Apple finds out.
I can't comment on exactly this implementation but a similar thing could be done using B2B distribution method. More info here.
You can distribute your app from a web page simply by creating a download link for the .ipa.
When opened in iOS, the application will be downloaded and installed on the device, if the device is registered on the provisioning profile used to sign the .ipa or if the provisioning profile is inHouse.
They have enrolled a Enterprise Account of Apple and they have made Enterprise App , which can be distributed via website and can be directly downloaded from browser .
There are online tools that simplify this process of sharing, for example https://abbashare.com or https://diawi.com
Create an ipa file from xcode with adhoc or inhouse profile, and upload this file on these site.
I prefer abbashare because save file on your dropbox and you can delete it whenever you want
Related
I am developing an app from one developer account and it was going on for the last few months. But now the client want to distribute it to a few customers Off-Store. We have an enterprise account ready to use but my question is Should I do everything from the start again right from creating the App ID? Or any other way around?
I looked around internet for answers but I could find anything effective.
This one was quite related to my question but I was looking for Off-Store distribution only. I just want to know if its possible.
If the app is already configured in iTunes connect then you can transfer the app from one account to another account from iTunes Connect. Refer this and see if it helps your cause.
https://developer.apple.com/library/ios/documentation/LanguagesUtilities/Conceptual/iTunesConnect_Guide/Chapters/TransferringAndDeletingApps.html
You can use developer provisioning profile for it.
Add UDID of device in developer provisioning profile.
Download and install developer provisioning profile.
After that build IPA by using this developer provisioning profile.
Upload the generated IPA to https://www.diawi.com and click send.
This will give you a link, from which you can download the app.
So you can share this link with anyone.
I find out some app on internet that it installed my phone not through Apple Store. When i clicked "Download App" on the website, it will install automatically on the phone. I wonder why this way is available with Apple Security.
Please, give me a reason. ^_^
Read this article:
http://mobiledan.net/2012/03/02/5-options-for-distributing-ios-apps-to-a-limited-audience-legally/
You can do what you want with iOS Developer Enterprise Program -- In-house app distributing.
Compile your Application with Enterprise Account -> Upload on third party site like http://www.diawi.com & share generated link with others
If you don't know about build types then let me tell you there are 3 types of iOS ipa files that can run on iPhone
1-Developer Mode
2-AdHoc Distribution
3-App Store Submission
Developer Mode: it will only run on debugging device
AdHoc : two types of this build
i) Simple account:
for this build you have to add your mobile Udid into the provisioning profile it will only run on that device whose udid is included in the profile.
ii) Premium account:
for this build you don't have to do any thing it will run on every device without adding its udid to provisioning profile.
App Store Submission : for submitting to apple store you have to make this type of build.
//udid means your mobile device id.
Purchase Enterprise account(299 dollars) or simply create ipa and share on TestFlight but you will still need developer account (99 dollars). In developer account you can register only 100 devices so you cant send ipa to many users. In your case Enterprise account is better. It is your choice.
You are correct,
Some apps don't need to go through APP-Store
There is two types of Developer account by Apple,
If you go with "Enterprise Program" (need to pay more), and you have to create Ad-HOC app and upload on 3rd party server, and you can download it from there.
I've recently evidenced a set of third party illegal appstores that re-distibute iOS apps. These online stores are able to install free Appstore apps (i.e. Facebook, Google Map, etc.) or their own apps on non-jailbroken devices. Regarding the fact that Apple forbids third-party stores, I just want to know how these apps are signed to be installed on Apple devices? Does these Apps first jailbreak the device?
Does apple allow changing/updating the Signature of an app?
Update:
It seems that these Apps are installed on the device by a certificate generated by an enterprise developer license, so it can be installed on any device without any limitations. But I cannot understand how these AppStores install those Apps that are available on Apple AppStore, like Facebook !!!
Update 2:
Is it possible to get the .ipa file of an application hosted on AppStore? i.e. Facebook? If possible, can it be resigned?
Update 3:
These are the certificates installed. Obviously one of them is fake, unverified but at the same time can install apps without the need to jailbreak.
Update 4
I think the Q/A at this link on SO does not reply to my Q as well. If the tongbu signs the apps using an enterprise license, is it really possible to get an enterprise license for each app?
The apps are most likely re-signed with the developers (person creating these so called "cracked apps" own distribution certificate. They will purchase the real app, extract the IPA file, and then re-sign it. These legally signed apps are then uploaded to a website and then downloaded by the user or distributed by some other means. iOS treats these like regular signed apps and doesn't check with the App Store because they were never uploaded. This allows downloading of cracked apps on a non-jailbroken iDevice. Jailbreaking eliminates the need for code-signing. The distribution certificate is normally used for companies wanting to distribute an app designed specifically for their working environment with no need to upload to the App Store. Distributing and using a developer's certificate in this way of making cracked apps of course violates Apple's policies and those certificates will be voided as soon as Apple finds out but that can take a very long time.
EDIT: There seems to be some confusion as to how App Store apps are being installed for free on devices. This process requires jailbreaking but only to create the ipa, installing it is done automatically on the device by iOS. Whoever is uploading the apps goes through this process:
They first download the target app from the app store and install it on their device.
They then copy over the .app from their iDevice to their computer through various file explorers or other means.
They create a folder called Payload and put the .app inside.
They zip up the Payload folder
They rename the zipped file with a .ipa extension.
This .ipa file is then resigned with a distribution certificate through iResign or terminal and then uploaded to the internet.
When a user downloads a .ipa file, iOS automatically installs it if it was signed correctly.
I hope this clears up any confusion. Also, if they are uploading their own app they made in xcode, they can simply use xcode to do it by archiving it first (Product>Archive) with their distribution certificate and Ad-hoc provisioning profile selected to code-sign then opening organizer, going to archives and clicking distribute. Finally they choose Save for enterprise or Ad-Hoc Deployment which automatically makes an ipa ready for upload.
I am developing an iOS app which needs to be tested in a device which is present in another country with the client. If needed I can get the UDID and other details of the device. Can I install my under-development app on that device without publishing my App.? If yes, please explain the procedure.
Thank you all in advance.
Yes, you can. To do this you will need the UDID of all the devices where the App will be installed, and then you need to generate an Ad Hoc provisiong profile for those devices.
https://developer.apple.com/library/ios/documentation/IDEs/Conceptual/AppDistributionGuide/TestingYouriOSApp/TestingYouriOSApp.html
To send the app to your client, go to XCode > Product (Menu) > Archive.
Then open Organizer > Archives (Tab) > Distribute. Follow on-screen instructions.
This will generate an .ipa file (executable) which you can then send to your testers (through email, or whatever other mean). He will have to install this .ipa by dragging and dropping it onto iTunes.
For further discussions look at this question.
Yes, you can.
1)Register client's device into device list in your developer account on apples site
2)Generate Ad-Hoc provision profile and send to your client with *.ipa file
3)Test it
Also take a look at 3-rd party services like TestFlight - http://testflightapp.com .Very popular and convenient way to work with beta-testers all around the world.
Answer is yes. You need to get UDID and add it to your developer portal as testing device. Download the provisioning profile and rebuild the app with revised provisioning profile. This app can be send to client for testing.
If you can sign with an Distribution profile for enterprises than you can upload that file on a link and user can Install the iPA file just by clicking on that link..
for more info check on these links..
How to distribute ios application wirelessly without managing UDIDs and recompilation
iPhone Application Enterprise Distribution Process
This an incredibly bad idea. What you are setting up is a back door into any iOS device to plant (potentially) malicious software. While your intentions may be good the long term effects are not.
Publishing your app would require it to go through code review, which is entail to ensure the enteritis of the app.
We have build an enterprise iPad App and now we want to give it to our employees. Initially when testing, we used ad-hoc distribution collecting all the test device's UDID and then creating the profile.
Now going live we want this app to be deployed in a secured web server and send the link to our employees, so that they enter the username and password before accessing the link.
There are around 500+ devices we need to install this iPad App. Do i need to collect all the UDID and then deploy the .ipa file, because Apple documentation says:
Create an enterprise distribution provisioning profile that authorizes devices to use apps you’ve signed.
If not that way, do the user needs to install the profile.mobileprovision file and then install the .ipa file?
We are still unable to decide how to deploy our app because of this issue. We would like to avoid the app approval process because it App handles a lot of sensitive data.
Can some one help me on this, how to do a OTA deployment for enterprise Apps?
As of December 2011, these are the steps:
Create a provisioning profile in your Apple Enterprise account
Set this as the Code Signing Identity under the Build setting of your app.
Make sure the Bundle ID matches that of the provisioning profile.
Select Product > Archive to build IPA file.
Click Share (aka Distribute) button after selecting your Archive.
Set Contents radio button to iOS App Store Package (.ipa)
Make sure Identity in dropdown is the one used from Enterprise account.
Click Next
Select the check box "Save for Enterprise Distribution"
For Application URL put in the URL that points to where the ipa file will be placed (example: http://oursite.com/myApp.ipa)
Click Save. This will save a plist & an ipa file for you.
Place these files on your server with a link formated like this:
<a href="itms-services://?action=download-manifest&url=itms-services://?action=download-manifest&url=http:/oursite.com/myApp.plist" id="text">
Go to this page from your device and click the link to install the app
Probably the best way to distribute your enterprise mobile app and then securely manage users, groups, data and devices is using a Mobile Device Manager (MDM) tool suite.
iOS provides specific APIs that support enterprise deployment via MDM products with API level features like Per App VPN connections that allow you to firewall a DMZ application server to only connect to a specific signed client iOS app. The vendors also provided authentication SSO integration and encrypted storage on the devices to sandbox your enterprise apps from other untrusted personal apps on a BYOD device.
Here's the Gartner 2013 review of MDM products:
http://www.business.att.com/content/whitepaper/Gartner-MDM-MQ.pdf
The 3 major players are now: Air Watch, Mobile Iron and Citrix XenMobile.
NOTE: I don't work for or have a vested interest in any MDM vendor.
There are two solutions
Try testflightapp.com
It does everything for you. It even has a SDK which I found very useful in debugging scenarios with logs and crash reports.
If you are looking to have your own hosted solution for the enterprise then
http://hockeykit.net/ is the best bet.
It has a client application which makes the upgrade process painless. It also have a server side code which you can deploy on your server.
https://github.com/TheRealKerni/HockeyKit
Update 2013-11-23:
We have been using Diawi happily for quite some time.
You can also use my shell script that will help you a long way with generating the necessary files and links:
https://github.com/sveinungkb/ios-ota-buddy
You do not need to manage UDIDs if you are using an enterprise profile.
To install an enterprise app you need a provisioning profile built with your distribution certificate on each device. See Does an iPhone Enterprise provisioning profile need to specify phone UUIDs like an ad-hoc provisioning profile does?
I've created tool (it's beta, so please be patient with it:)) for generating manifests from ipa file online:
http://manifest-generator.knejzlik.cz/
It generates plist with index.html file. All you need is to put content of downloaded archive to your site.
You can use InstallFish.com for this.
It allows OTA distribution for both IOS and Android. It also has a feature to automatically get the UDID and create your own appstores.
You will still need to provision them via your enterprise account but it makes the whole process of OTA installs much easier, especially for enterprise distributions.
You can use hockey, diawi etc. but sometimes you just want something simple that allows you to host it on your server. I was searching for a simple, basic php script that can do this but did not found any that suited my needs so I wrote a simple single php file server by myself and you can find it here:
https://github.com/leszek-s/LSIPASERVER
It has a list of all uploaded ipa files, upload page with password protected upload and each uploaded ipa has it's own page so you can send a link to specific uploaded ipa to someone. Feel free to use it on your own server.