We created a IOS app and want to distribute it to our customers. The problem is that we can't give them our source code and they can't give their private key to us. How can we distribute the iOS app to our customers? We now have three different customers.
Can we create an ipa without code signing, then give it to our customers and let them code sign the .ipa file?
Just give them the IPA. It's probably easier for it to be signed with your key than not at all - it doesn't matter if it is already signed. The IPA can be unzipped like a normal zip file and then re-signed with the codesign tool as shown in the answers to this question. They can then re-zip it to obtain a properly-signed IPA file.
You can use Testflight, for example. Or Ad-Hoc distribution.
Related
I have a requirement to deploy an enterprise application to my users. Vendor has give me an IPA/Xcarchive file. But, the files are signed using vendor’s signing certificate. We don’t want to share our distribution certificate with them and, they are unable to share the xcode with us. I want to know, how can I resign ipa/xcarchive for in-house distribution?
Any help is appreciated.
Thanks
Chetan
Certificates and provisioning profile used for generating IPA contains all the details on which all devices it can be installed, so it is not possible to resign the IPA file without the source code. Below are few available options:
Get the source code: If you can get the source code then you can generate IPA file with your certificates.
Share Device UDID: You can share the device UDIDs wherein you want to install the app with the vendor (might not be a good option for large audience)
TestFlight: You can ask the vendor to upload the app on Testflight and add the users as testers/users and they will be notified for any update available aswell.
I'm developing apps for other companies. My customers want their app in App Store to show as published by their own company, not mine. Also, they don't want to give me their private key for signing apps for App Store distribution. I don't want the key myself, because I don't want any legal responsibility related to the key being lost or stolen.
They can add me as a developer on their company's team inside the Apple Developer portal, and this gives me access to publish new builds for testing. In this situation, I must sign my app with their distribution certificate, or my builds would be rejected when uploading them. Is that correct?
A possibility is that I send them the app as an IPA-file, using their app's bundle id, and sign it with my own certificate. They would then resign the app with their distribution certificate and submit it to iTunes Connect using Application Loader or similar. What is the easiest way for them to do the re-signing? Will they have to use Xcode to upload the IPA, or manually run codesign on the command line?
I'm looking to make this as easy as possible. The people receiving the builds (IPA-files) are not developers.
Try this one, you can sign IPA package by your certificate and send it to them, then ask them to re-sign it using their own certificate.
How to Re-Sign an iOS App from an External Developer
In this scenario, the customer will have to resign the IPA file they recieve from the developer and upload it to iTunes Connect themselves using Apple AppLoader or Xcode. To resign it, they will need the codesign binary provided by the Xcode command line tools (full Xcode not required, but will also work). Optionally, they can use Xcode to upload and re-sign an xcarchive.
There are some apps that give a UI to codesign, like iResign and AirSyncApp, that are more user-friendly than the command line.
Thanks to #alanc-liu for contributing information.
Its very confusing and found lots of question answers on stack-overflow. But still there is not 100% perfect solution for developer. So I want to ask question about .ipa file and embedded.provisionprofile for detailed answer of provisioning profile + Certificates + Signing Identities.
(1) How to find out .ipa file is for development or distribution??
I have extracted ipa file and found embedded.provisionprofile with UDIDs and lots more detail. But There seems very minor difference between Development and Distribution app.
(2) How many types of Certificates/Profile available?
Here I am very confuse with ad hoc method. There are 3 options when I archive project and click on distribute button Bellow is image
1st option I know. It tells to upload app to app store simple enough. Second options is confusing, there are again two type (Please correct me if I am wrong) of development, like send it to your client/friend to test on his/her device and add to TestFlight(I am not aware of this) So what is difference here??. Also third one is simple says make archive file of xcode project but what is use of that archive file??
(3) How to make easyier to understand provision profile and certificates and signing identities and keychain access exporint and all that its very confusing and sometimes it gives misleading error. Like this question.
first option is for uploading your app to AppStore
Second option:if you want to test your app in device so you have to go with this option, using this option you can generate IPA file. and this IPA will run only those device which devices UDID assigned to this IPA provisioning Profile
And i don't know about 3rd one.
We have developed an iOS app that has been delivered to the customer as an IPA with an ad-hoc distribution profile that allowed a set of their employees to install it on their devices. The customer now wishes to distribute that app internally to all their employees using their iOS Enterprise Developer program credentials.
I had hoped that the customer could simply re-codesign the ad-hoc IPA with their own enterprise identity. However, they say they can't do that. They say they "need an IPA file with the removal of the limitation to only certain devices".
So, what do I do?
Do I need to somehow create an "unsigned" IPA for them? (And if so, how do I do that?)
Do I need them to generate an Enterprise distribution provisioning profile for me so I can build the app with that profile?
Do I need to just send them the source or build output and let them build the package?
I have looked at the following documents, but they have not enlightened me:
TN2250: iOS code Signing Setup, Process, and Troubleshooting
Distributing Enterprise Apps for iOS Devices
It's completely possible to take any IPA and resign it with your own details, modifying the Info.plist, bundle ID, etc. in the process. I do this all the time with IPAs that have been signed by other developers using their own provisioning profiles and signing identities.
If they aren't familiar with the codesign command line tool and all the details of replacing embedded.mobileprovision files and entitlements, the easiest way for them to do this is for you to "Archive" the app via Xcode, and send them the generated archive file (*.xcarchive).
They can import that into Xcode so it is visible in the Organizer, and from there they can choose "Distribute" and sign it with their enterprise identity.
To import the .xcarchive file into Xcode, they just need to copy the file into the ~/Library/Developer/Xcode/Archives directory and it should appear in the Xcode organizer. Then they click "Distribute" and follow the instructions:
What kind of link do I need in order to download a .app file from Safari directly onto a device?
I want to do the same with .apk's, so any information / code snippets would be greatly appreciated.
Thanks!
You should use enterprise distribution. When you create your application archive there will be an option to do enterprise distribution. Once you do this you will get your archive as well as a .plist manifest file. Using these you should be able to create a link by following these instructions:
https://help.apple.com/iosdeployment-apps/?lang=en-us#app43ad871e
You will still need to get your users' UDIDs and create a provisioning profile for them to use. (iTunes required once)
Once that's done your users can click a link and directly install the app. (No itunes required!)
This is not possible with the current app store structure. Unless you are doing some sort of in-house distribution using an Enterprise developer license then the only way to get an app is through an app store link.
If you are thinking about using some kind of limited ad-hoc distribution you will still need to use itunes or iPhoneConfigurator to install it.