iOS development certificate and provisioning profile, possible without internet on the Mac? - ios

I have enrolled in the iOS developer's program. I've developed an app which I would like to test on an iPad device. For security reasons, I cannot have a direct internet connection on the Mac I am developing in.
I understand I can generate the certificate signing request and transfer it to another computer (this computer can have an internet connection), then upload it to the apple website. This is where the tricky part comes: the developer certificate will be pending, until I download the WWDR intermediate certificate and install it on the Mac without internet. Then after I refresh the page nothing happens, of course, because the Mac in which I registered the WWDR has no way of communicating with apple.
Is there another way of obtaining this certificate, or is there a method I could use, other than connecting the Mac to the internet?

To overcome this problem, you need to share certificates for multiple device. You can easily export certificates from /Applications/Utilities/Keychain Access in .p12 format & install that to other computer & after that you can sync all provisional, Adhoc & App Store profiles.
You can follow this tutorial and these link for step by step process.

Related

How to generate a Xamarin IPA file

Might be a simple question but I'm struggling to get the IPA file for iOS devices. I've read that I need an account at Apple Developer Program. I don't want to publish the app to the App store. I've also read that I need to use Ad-Hoc to build the IPA file that I don't need to publish. Can someone maybe just clarify for me I'm a bit lost.
The apk builds and runs without a problem
I'm using Microsoft Visual Studio Enterprise 2019 Version 16.9.2
MacOS Big Sur Version 11.2.3 virtual Machine.
xCode Version 12.4
Thanks in advance
Certification
Certification of computer development
qualifications, each developer account has a set, divided into two
types:
Developer Certification
installed on the computer to provide permissions: the developer was able to test the app
on a real machine. A copy can be generated for
installation on multiple computers;
Distribution Certification
Distribution Certification is installed on the computer to provide the
permission to publish iOS programs: developers can make test versions
and release versions of programs. Copy is not allowed, only the
computer equipped with the certificate can be used; (the copy is
introduced in the Keychain below)
Provisioning Profile
Authorization file is the authorization for devices such as iPod
Touch, iPad, iPhone. What is recorded is the UDID of the device and the
App Id of the program. Only the authorized device can install or
debug the program corresponding to the Bundle identifier(App Id) and the App
Id recorded in the authorization file. Developer account will select
App Id when creating authorization file, (add in App Id under
developer account, single choice) and UDID (add up to 100 in Devices
under developer account, multiple choice).
There are two types of authorization files, corresponding to the corresponding certificates:
Developer Provisioning Profile (development authorization file)
Is used on a computer with a development certificate or a copy, and
the developer selects the authorization file to install the program to
the authorization file record through the computer In the device, then you
can test on the real machine. Note: Ensure that the computer has
permission to debug on the real machine, that is, install the
development certificate or copy; the Bundle identifier of the program
in the development tool must be the same as the App Id of the selected
authorization file; the UDID of the device connected and debugged is
in the selected authorization file There are records.
The Distribution Provisioning Profile (release authorization file)
Is used to make the test version and the release version of the
program on the computer with the distribution certificate (that is,
the computer with the configuration certificate, there is only one).
The release version is the program file published on the App Store.
When the developer account creates the authorization file, select the
store option and select the App Id without selecting the UDID; the
beta version is the program file that can be synced to the device by
the tester before the release. When the developer account creates the
authorization file, select AdHoc, select App Id and UDID; only the
device corresponding to the selected UDID can install the program made
by the authorization file.
The Keychain (development key)
Will generate a Keychain under the certificate when the certificate is
successfully installed. The certificate copy mentioned above is to
export the Keychain (that is, the .p12 file) through the computer that
configures the certificate and install it on other computers so that
other computers can get it. Permission corresponding to the
certificate. Developer Certification can make a copy of Keychain and
distribute it to other computers for installation so that it can be
tested on the real machine. Note: Distribution Certification can only
be used by the computer with the certificate. Therefore, even if the
exported Keychain is installed on other computers, other computers may
not have the authority of the certificate.
You need to have an Apple developer account for that.

How to use installed SSL certificate to secure iOS app?

I am trying to secure a iOS app by checking the installed SSL certificate exists or not. First I created a self-signed certificate with OpenSSL, and then install it to my iPhone. Right now I need to programmatically check this certificate is installed or not. If it exists, the app can run without limit, if not, use won't be able to use the app. So how to programmatically check this device is installed or not in my app code?
Why do we need to install SSL certificate on our iOS devices?
Users can install digital identities (certificates plus their
associated private keys) onto their iOS devices by downloading them
from within Safari, by opening them as email attachments, and by
installing them with configuration profiles. Or, identities can be
pushed from a Mobile Device Management (MDM) server. However,
identities installed in any of these ways are added to the Apple
keychain access group.
Refer below links for more info.
https://forums.developer.apple.com/thread/52345
https://developer.apple.com/library/archive/qa/qa1745/_index.html

In an Enterprise iOS app, how to replace the *.mobileprovision file on device after existing profile expired, but without re-signing the IPA?

We have a series of iOS Enterprise applications that were built with Telerik Cordova (discontinued in May 2018). Those apps are in the process of being converted to a new platform, but in the mean time they must continue to service client needs.
The distribution certificate the apps were built with is valid for another 14 months or so, but the provisioning profiles expire in a few days. Since these are Enterprise apps they will expire with the profiles.
Unfortunately, Telerik can no longer rebuild the apps using an updated profile for us. We have re-signed the apps using new provisioning profiles (using both iReSign and Terminal). When we try to side-load the resulting IPAs through the XCode Devices panel, we get an error stating that the entitlements do not match and the apps are not installed.
The question was raised as to whether or not we not need to re-sign the apps since the certificates are still valid. Perhaps it would be possible to just replace the .mobileprovision file on the device somehow? I gave it a try using iTunes Sync but I cannot confirm whether the file actually went to the device or not.
Question: Is it possible to just update the *.mobileprovision on the device without re-signing the app? If so, could someone please give me the steps or direct me to a link to perform the steps?
Alternate Question: Otherwise, any thoughts on how to resolve my Entitlements issue? The app only needs Push Notifications, but Game Center and In-App Purchases are also enabled. These are reflected in the App ID and provisioning profile, and the distribution certificate is of type Apple Push Services.
I should point out that I am not an admin on the Apple Developer portal for the project as I am an outside consultant, so my portal access is strictly read-only.
Thanks in advance for any direction provided!
If the applications were distributed to the devices by an MDM, then you can push a new provisioning profile to them using the MDM.
If the applications were installed over the air from a web server or directly using iTunes or Apple Configurator, then you need to replace the entire application package on the device. This requires the app to be re-signed, since the changed .mobileprovision file will change the package signature.
If you don't have the original, app ID with matching entitlements in the developer portal, then you will need to delete the existing application from the device before installing the new, re-signed application. You won't be able to do an in-place upgrade.

How to install self signed certificate in iOS 10

It appears that Apple has removed the ability to trust SSL certificates that are self-signed in iOS 10.
I created my own self-signed certificate and have a local web server that signed with my certificate. I must install my certificate in iOS for testing locally as I have developed an iOS application that needs to trust my certificate.
How can I install my self-signed certificate?
Good news, they haven't. If you just need this for development purposes, which it sounds like you do (and you shouldn't be using self-signed certificates in production anyway), you can install the self-signed certificate on your iOS devices manually. Following the equivalent FAQ for my iOS Web Bluetooth browser app:
Create your self-signed certificate and key files using openssl or however. Be sure it has the correct /CN “Common Name” for your local server, e.g. mycomputer.local.
Configure your webserver to use it (obviously) and check that it is working using a different client, such as a browser on a Mac.
Email your certificate to an email address you can access on your iOS device.
Tap on the attachment in Mail on your iOS device, this should now prompt you to install it. Do so.
You should now verify that it is installed by going to the Settings app then General -> Profile -> <Common Name>. The Profile menu probably won’t be there at all until you’ve installed the first certificate. The certificate should be marked Verified (it was verified by you when you installed it).
You might, like I did, have thought this would be enough. It isn’t. You now, really counter-intuitively, need to go to the setting General -> About -> Certificate Trust Settings and enable full trust for your certificate there as well. It’s such a weird place for that setting to be.
The installation of own root certificates changed at some point (maybe somebody can confirm, if it was at iOS 11).
What you need to do is with your Mac, get Apple Configurator 2 and create a profile containing your certificate. The resulting mobile profile file can be installed from Safari or email.

AppleWWDRCA certificate needed *at all* for OpenSSL signing?

Does the AppleWWDRCA.cer have any bearing on developing certificates using OpenSSL? If so, what? If not, what is it's use?
Edit:
I am using Windows. I do not need an answer concerning Mac development.
So far, using OpenSSL, I have created development apps (signed, and with certificates), ad hoc apps for multiple developers (signed, and with certificates), and they all have worked just fine. This is (probably) only a question about whether it is needed to put an app in Apple's App Store.
No, the WWDR Certificate is only used to authorize your app for selling/integrating on the Apple App Store.
Public OpenSSL certificates are (generally) given to your application from an outside Certificate Authority and used by your users to authenticate (prove that your application is indeed what it claims to be) your application and encrypt the data they send in a SSL connection. These can be generated entirely independently of your WWDR certificate.

Resources