HTTPS/SSL: Apple rules - ios

My iOS app uses a server-side service to chat, upload photos, etc. In order not to have my script "hacked" and to keep my header private, I decided to use SSL encryption provided by a certificate on my Apache server, which will handle the request and give the response as JSON using PHP/MySQL.
But I heard that Apple doesn't allow HTTPS connections on the Apple store, is that true?
I also heard that I need a US gov certificate, is that true? Even if I am not a US resident? (I'm European.)
Even for just SSL, which is known? I don't use a sophisticated self-coded algorithm!
If someone has had that issue, that will help me a lot!
Thanks!

No on all counts. I've built and submitted many apps for sale in the US and internationally using self-signed certs on my server with not a peep from Apple.

Related

Apple Notification Server APNS - My Domain is Banned

I have an enterprise iPhone app which uses APNS to send notifications to users phones. This was working fine up until recently when we had a huge expansion of users, now no notifications are being sent/received and I cannot connect to APNS server from PHP.
I am 99% certain the reason is because the domain I am sending APNS requests from has been banned due to Apple thinking I was trying a DDOS attack. Reasons I think this:
Code I was using to send APNS messages was not proper, it was opening then closing the connection in a loop. This is the cause of the ban I believe. I have learnt the error of my ways since but too late right now.
I uploaded my .pem file to another server/IP and used the exact same code to send notification and received to my phone successfully.
I have run an openssl command to try and connect to the APNS server from the believed banned server and it connects but returns 'write:errorno=104' along with other error lines. Whereas with the other server I mentioned it returned the proper connection output along with cert output, etc., the normal.
So my reason for posting is I am stuck wondering how to get my domain removed from the ban list. https://developer.apple.com/library/content/technotes/tn2265/_index.html This page states that it takes about an hour for the temp block to expire, I have made sure to not attempt a connection for over 12 hours and still not working. "This temporary block will expire if no connection attempts are made for about one hour."
Looking through Apple support channel I can not find the proper path to follow and I do not want to pay for professional services.
Has anyone experienced this before and knows the path to follow to get off the banned list? Or to even verify that you are on the banned list?

Does App Store accept self signed certificate apps?

I am a newbie who is developing an app for iOS (and also Android; I have also talked about it for Google Play) which implemented a socket connection and had to allow all hosts in order to work with our self-signed certificate installed on the server, by editing the plist file (NSAllowsArbitraryLoads true), or do I need to define NSExceptionDomains?
In 2016 and before, Apple still accepted it (I have deployed one before), but I heard there is a new regulation for 2017.
Will the App Store accept self-signed certificate connections for 2017? Thank you.
Only high-level APIs (e.g. NSURLSession, NSURLConnection, etc.) require App Transport Security.
Low level stuff like POSIX sockets do not use ATS.

how to send data from airwatch to ios app

I'm a junior iOS developer trying to communicate with the MDM server: AirWatch.
I found a lot of topics talking about getting the data from the MDM server in my app (like Using MDM To Configure An Enterprise App Via NSUserDefaults and https://www.devexpress.com/Support/Center/Question/Details/T224565) but I cannot find any tutorials on how AirWatch sends data to an iOS app.
Does anybody face the same problem or have links to help me get through?
Thanks in advance !
This will work: AppConfig
Implementation in iOS is much simpler than Android.
I am not sure what data you want to send down to the app, but syncing application data is usually not the domain of an MDM/EMM solution. I would either use Apple APNS to publish to the app (directly or through a 3rd party provider) or use periodic polling initiated from your app to fetch your data. A common pattern is to publish a small payload to the app (e.g. key-oriented data) and then let it fetch the real application payload using the Apple networking stack.
If you use APNS and your enterprise is averse to opening your network to the internet (very common), consider a 3rd party provider like UrbanAirship, Azure,... They handle the initial token handshake as well as provide nice group messaging and other features. Good luck.

Is Inter Process Communication possible between iOS applications using Sockets?

I have gone through a lot of articles on the internet and most say that iOS applications allow IPC using protocol handlers (URL Schemes). But can't we achieve IPC using sockets, if one application opens a port and the other tries to connect to it?
iOS8 introduced IPC support by exposing mach ports for so called "application groups". Check out this great tutorial:
http://ddeville.me/2015/02/interprocess-communication-on-ios-with-mach-messages/
It requires a bit of setup (to define application groups in dev portal, generate proper entitlements, etc.) but is not really so difficult, and Xcode 6 does most of the job automatically (just enable "App groups" in general capacities section).
I can confirm, it works (I was able to create 2 apps sending messages to each other).
On iOS 7 there is no official support for IPC, but if you do not plan to upload your app to AppStore, you could try to exploit inter-app audio communication to achieve this.
Check out Apple's code sample, which demonstrates inter-app sound data stream between 3 apps:
https://developer.apple.com/library/ios/samplecode/InterAppAudioSuite/Introduction/Intro.html
Associated WWDC video:
https://developer.apple.com/wwdc/videos/#602
I haven't tried to exploit it for non-audio usage but can't see the reason why it shouldn't work. Data rate is great, and sound data are just bytes and do not have to be redirected to the speaker, but interpreted however you like.
Of course, it will be rejected in AppStore review, but it is still fine for enterprise or own usage.
No, it is not for several reasons. 1) Apple does not allow this internally and has security layers to prevent this. 2) Applications fire applicationDiD/WillEnterBackground after a short delay, at which point the way you can interact with it plummets.
If you really want to send data between applications, set up a server with certs to match your app so you can use APN (apple push notifications) to send data in silent pushes to applications. Then, set up endpoints on the server that trigger those sends, and have apps consume the API that the server exposes.

Low Level Network Traffic Access on iOS Device

I'm looking for a way to develop an iOS app in which I can access all network traffic (I mean system-wide) and route it through my app. Something like a proxy server, but notice that I want to force the route and access all the traffic, not only web requests (something like what VPN connections do).
I think that may go a bit beyond Apple limitations regarding App Store Guidelines. Any VPN API accessible for doing that ? Any practical suggestion or description on undocumented and private APIs is really appreciated.
P.S: This article may help understanding what I'm looking for;
To be able to do VPN functionalities you have to create a vpnplugin. The problem is that it's a pseudo-private API; I'm saying "pseudo" because there are companies that had access to the documentation and there are apps on the App Store that use it (OpenVPN Connect for example). You can try reverse engineering some of those app plugins (it's the folder with the .vpnplugin extension).
By the way, someone already did that and published the vpn plugin API to github: https://github.com/Smartype/iOS_VPNPlugIn/blob/master/iOSVPNPlugIn.h
Network Extension of iOS9 will allow custom VPN tunnel implementations and NEPacketTunnelProvider is probably what you are looking for.
Check out the WWDC video.
https://developer.apple.com/videos/wwdc/2015/?id=717
You need to send an email to apple to get access to this function.
https://github.com/shadowsocks/shadowsocks-iOS/issues/124
