According to this link in the section "In-house apps | Providing updated apps", I should be able to just distribute a new .mobileprovision file instead of forcing users to install a new version of the app:
For users who already have the app, you may want to time your next
released version so that it includes the new provisioning profile. If
not, you can distribute just the new .mobileprovision file so users
won’t have to install the app again. The new provisioning profile will
override the one that’s already in the app archive.
How is that even possible? Isn't the distribution profile necessary for compiling/singing the app? I would like the convenience of just being able to distribute a new certificate, but I'm very skeptical this can even work. Does anyone know for sure? Or am I mis-interpreting this wording? If not, how can I make this work?
Apple said Provisioning profiles can be installed and managed using MDM, downloaded and installed by users from a secure website that you provide, or distributed to users as an email attachment to open and install.
So you can distribute only mobile provision profile and test the things.
One thing I observed that In case of Enterprise Distribution profile Device udid does not need to add in portal. The ipa file will install across all devices. It happens in case of Enterprise developer profile cases.
For Managing Updates Apple has said that:

"In-house apps that are distributed internally aren’t automatically updated. You’ll need to notify employees of the update and instruct them to install the app. If the application identifier assigned to the app in Xcode is unaltered, it will recognize the app as an existing app and install the update while retaining locally stored app data or preferences. For greater convenience, consider developing a function within the app that contacts the server for updates at runtime."
So I am guessing to send the users a push notification which would notify them about the update and ask them to install, once the click ok you can redirect them to your server where the app is hosted and they can install from there
Related
I began developing iOS apps under my father's developer account due to the age restriction, but now I have my own, and have transferred my apps over to it. I now want to update an app of mine that creates and maintains data on the device local to the app.
Since my father's account is still active, I can still sign the app via that account's "Team" in Xcode, and everything works fine when installing on a device. However, I want to sign it with my own account in case my father ever decides to stop renewing his membership, but if I do, whenever I try to install it over top of the old version I get an error in Xcode with the title "App installation failed" and the message "Could not write to the device".
After googling around, people suggest to simply delete the old version of the app from the device and install the new version, but since the app utilizes its local documents directory, this would mean that all the user's files would be deleted when deleting the app, which is unacceptable, since this is the main feature of the app.
Since the app has iTunes File Sharing enabled, users could copy all their files off the device via iTunes, delete the app, install the new version, and copy all their files back. However, some users do not have computers, owning solely phones or tablets, so this is also unacceptable since they would not be able to download the update without losing everything. Plus, many of the apps users are older folks that aren't great with technology, which would just make this a massive pain for everyone.
I haven't tried anything except changing the signing team because I don't want to mess anything up by polluting my account with manually created certificates and provisioning profiles that end up not working. It seems strange to changing the team doesn't work since we have to get a new distribution certificate every year which still changes how the app was signed when releasing an update. I must be missing something since it seems like this is a common enough scenario that Apple would have a process to do it.
What else do I need to do?
Notes:
Xcode usually automatically creates provisioning profiles for apps (assuming the "Automatically manage signing" checkbox is checked, which it is), but has not created one for this app on my account, every though when I roll my mouse over the info icon next to the "Xcode Managed Profile" line in Targets -> myApp -> General, it says it has a provisioning profile under my account's development certificate.
I have access to the certificates and provisioning profiles of my father's account on my computer, so grabbing the p12 of the certificate used to sign the current release isn't applicable.
It's been a while since I asked this question, but if I remember correctly, I think the answer was that I simply didn't have to do anything.
The issue stemmed from the fact that I was trying to install an app that was signed with different credentials than the currently installed version was signed with. For example, if I have an app installed that is signed by account1, then installing any app with the same bundle ID but signed with anything other than account1 (let's call it account2) will fail. In my case, account1 was my father's account and account2 was my account.
When it comes to the App Store, after reviewing your app, Apple signs it and publishes it to the App Store. As a result, everything on the App Store is signed by Apple.
This means that the version of the app submitted under account1 is Apple-signed, and after being transferred to account2, any versions account2 submits will also be Apple-signed. From the final user's perspective, since the old version (submitted by account1) and the new version (submitted by account2) are signed by the same entity (Apple), there is no conflict and the user never knows that the app was transferred to another account.
So even if you see conflicts on your end, the end user won't. To stop seeing them, simply uninstall any versions of the app that were signed with account1 and install your new version signed with account2. Everything should work just fine.
My Enterprise app's provisioning profile became invalid yesterday. I renewed it via Xcode, but now the app on won't launch on any devices, and it's unable to download. Do I need to re-package the app and make all users download the update? The app has 3000+ users and making them all download it again would be a huge pain. Is there any way to update the profile, but not need to re-download the app? Shouldn't the device check against Apple's server and see the profile is now valid again?
If you have 3000 users, you really need to look into using an MDM / MAM platform to automate this. Every year when the provisioning profile expires, you will need to re-sign the app, and then re-distribute the app to all the users.
You can do something in-app, like check for a new version, and prompt the user on launch that they must download the new version. If you do this, make sure you push it out early enough that all users will launch the app and download the new version before the profile expiration date. So every year, 1 month before the profile expires, you push a new version to a particular location. Users will then get a pop up saying they must get the new version. They click OK and it fires off the install from the .plist, replacing the current version. We do it for a much smaller user base and it has been effective.
I've recently evidenced a set of third party illegal appstores that re-distibute iOS apps. These online stores are able to install free Appstore apps (i.e. Facebook, Google Map, etc.) or their own apps on non-jailbroken devices. Regarding the fact that Apple forbids third-party stores, I just want to know how these apps are signed to be installed on Apple devices? Does these Apps first jailbreak the device?
Does apple allow changing/updating the Signature of an app?
Update:
It seems that these Apps are installed on the device by a certificate generated by an enterprise developer license, so it can be installed on any device without any limitations. But I cannot understand how these AppStores install those Apps that are available on Apple AppStore, like Facebook !!!
Update 2:
Is it possible to get the .ipa file of an application hosted on AppStore? i.e. Facebook? If possible, can it be resigned?
Update 3:
These are the certificates installed. Obviously one of them is fake, unverified but at the same time can install apps without the need to jailbreak.
Update 4
I think the Q/A at this link on SO does not reply to my Q as well. If the tongbu signs the apps using an enterprise license, is it really possible to get an enterprise license for each app?
The apps are most likely re-signed with the developers (person creating these so called "cracked apps" own distribution certificate. They will purchase the real app, extract the IPA file, and then re-sign it. These legally signed apps are then uploaded to a website and then downloaded by the user or distributed by some other means. iOS treats these like regular signed apps and doesn't check with the App Store because they were never uploaded. This allows downloading of cracked apps on a non-jailbroken iDevice. Jailbreaking eliminates the need for code-signing. The distribution certificate is normally used for companies wanting to distribute an app designed specifically for their working environment with no need to upload to the App Store. Distributing and using a developer's certificate in this way of making cracked apps of course violates Apple's policies and those certificates will be voided as soon as Apple finds out but that can take a very long time.
EDIT: There seems to be some confusion as to how App Store apps are being installed for free on devices. This process requires jailbreaking but only to create the ipa, installing it is done automatically on the device by iOS. Whoever is uploading the apps goes through this process:
They first download the target app from the app store and install it on their device.
They then copy over the .app from their iDevice to their computer through various file explorers or other means.
They create a folder called Payload and put the .app inside.
They zip up the Payload folder
They rename the zipped file with a .ipa extension.
This .ipa file is then resigned with a distribution certificate through iResign or terminal and then uploaded to the internet.
When a user downloads a .ipa file, iOS automatically installs it if it was signed correctly.
I hope this clears up any confusion. Also, if they are uploading their own app they made in xcode, they can simply use xcode to do it by archiving it first (Product>Archive) with their distribution certificate and Ad-hoc provisioning profile selected to code-sign then opening organizer, going to archives and clicking distribute. Finally they choose Save for enterprise or Ad-Hoc Deployment which automatically makes an ipa ready for upload.
So I took over an existing iOS app from a client, that is currently available for public use through the App Store. When I was given the project in xcode, I noticed that all provisioning profiles associated with the app had expired and all were under the name of the previous developer.
So, I added myself as a developer and joined the team and code signed the development copy under my credentials. I created a new ad hoc provisioning profile for testing, and released a version through TestFlight to some registered devices. No problems. The app is greenlighted to go live.
Can someone please help me out with the release process from this point on? Do I create a third new provisioning profile for App Store release, and tie it to the code signing in XCode? Is this going to be problematic considering the version that is live now is under completely different (expired) profiles from a different developer? Is there some alternative way I need to do it through Apple? I'm trying to be super cautious here... if for some reason I release the app and its crashing because of some step I didnt take by accident, the poop will hit the fan.
You're going to have to release it under a new name on the App Store and forfeit all the ratings and reviews. Apple won't let you swap developer profiles on an existing app.
Other developers may disagree, but it looks like a huge PITA. See here
Transferring ownership of an iPhone app on the app store
The official answer seems to be NO
I didn't interpret the question as regarding change of ownership of an app.
I read the question as: I've inherited maintenance of an app and we'll want to submit an update as the same seller.
In this case, you can generate your own certificates and distribution profiles, and you can then build and submit the app.
I have done this numerous times. That is, I have inherited responsibility for an app that I did not necessarily craft originally. I easily created new signing and provisioning credentials, appropriate for the app the be submitted as the seller (not me) on their behalf.
And for what it's worth, the App Store Distribution profile is necessary, but only used when the app is submitted, so Apple can ensure that it is coming from a developer that has the right to submit it. (Remember, these profiles are signed with the same certificates used to sign your app package.) If that Distribution profile should expire or change, it has no bearing on an app already in the App Store.
I have been working on a productivity app for 5 members of a company. I installed the app onto the iPads myself before sending them out. Now how do I send updated versions of the app to them?
The Apple site says ad hoc distribution can be done by email or from a web server but so far I can't find anything that explains HOW the app gets installed onto the iPad. Has anyone done this or knows how it is done? I figure some action on the part of the end user is needed which maybe a sticking point...
I'm correct in thinking that the app will run until the provisioning profile on the device expires and then be useless right?
Thanks,
Steve
Normally when you distribute applications via the ad hoc method, no application artwork is displayed when the user looks at your application inside the iTunes interface. However, if you place a copy of the 512×512-pixel PNG of your icon in your application bundle and name it iTunesArtwork without any file extension, this will be used by iTunes.
To deploy your application to your users via the ad hoc method, you need to create a distribution certificate, register any devices you plan to use, and create an ad hoc provisioning profile in the iPhone Developer Program Portal.
I haven't tried this yet, but bookmarked it because it looks interesting: http://www.readwriteweb.com/mobile/2010/12/apple-best-kept-secret-how-to-do-ad-hoc-installs.php
Hope this helps!
You can distribute the ad hoc build along with the provisioning profile that contains the users UDID via email, website, however you want. The tester simply drops the certificate and app onto iTunes and syncs.
If the provisioning profile expires for the user, simply generate a new one and distribute it along with the new build of the app.
If you're using a CI server, I have a quick slide deck and some supporting files for my system, which uses Hudson to automate the build process, as well as deploy the app for OTA intallation. End result is when I commit something to SVN, my clients get an email a few minutes later with a link that directly installs the new app on their phone.
If you don't have that infrastructure set up (or aren't looking to take it on as a project), I've been hearing great things about http://testflightapp.com/, although I can't say I've used them myself.