My company recently joined iOS enterprise program to distribute in-house app to our employees. We choose over-the-air installation for our app and put the .plist and .ipa file inside our web server which are protected by our Id/password mechanism. It's means that you must log into our web site first then you can install the app. The whole process works fine when we put these files in open area(not protected by ID\password). However, once we put files behind protected it's showed "can not connect to example.com " and Xcode’s device console view shows
“Jul 21 11:17:39 unknown itunesstored[385] : Could not load
download manifest with underlying error: Error Domain=SSErrorDomain
Code=2 "can not connect to iTunes Store" UserInfo=0x1c551fb0
{NSLocalizedDescription= can not connect to iTunes Store}”.
I guess it’s because the session it’s not the same when we open the itms-services://… link which iOS called the process to install the app.
The iOS installer is a sandboxed process that will only make an itms-services request. There is absolutely no way of forcing the installer to authenticate to your backend server. You will need to make your plist an unprotected resource or roll your own authentication mechanism based on values in the url. Also, you can't use self-signed certificates to SSL protect your plist.
Related
I have gone through dozens of articles, stackoverflow questions and sites, my only requirement is to send .ipa file through url where client could check it in safari and install.
does not want third party installation, I've got my own server
my server is not having ssl that means it can be sent only http not https. please dont ask me to have ssl.
could able to install in any ios device, udid is not added to enterprise certificate.
My problem is when I am keeping these 3 file that are a) index.html. b)manifest.plist. and c).ipa file in server and trying to install in device, I am getting an pop up message saying that "certificate is not valid." Please help.
Hope the link below helps you out.
http://readwrite.com/2010/12/16/apple-best-kept-secret-how-to-do-ad-hoc-installs
But i dont think Apple allows you to distribute using http. Https is a mandatory for the URL that the user uses to download. So until you get a https i dont see that issue being solved
Your own server should be fine. As long as your .plist and .ipa are both accessible on the network to which the iPhone is connected.
Unfortunately, starting with iOS 7.1, app installs must be accessible over SSL (https).
The only way to do this is with an enterprise distribution profile. You will need to have an enterprise account to do this, which will require a company's EIN. So you can't do this as an individual developer. (https://developer.apple.com/programs/enterprise/)
You are seeing the error because of the lack of a valid SSL certificate on your server. iOS is swapping your http:// link in your plist with https:// (see this post: https://stackoverflow.com/a/20276908/3708242), which as you said does not have ssl enabled.
Bottom line, you'll need to get a server with SSL to host the files. Also, if you don't want / can't manage the UDIDs for the devices, you will need to get yourself an enterprise account so you can create an enterprise distribution profile to use to build your app.
There are online tools that simplify this process of sharing, for example https://abbashare.com or https://diawi.com
Create an ipa file from xcode with adhoc or inhouse profile, and upload this file on these site.
I prefer abbashare because save file on your dropbox and you can delete it whenever you want
I've set up Universal Links in our app, and I'm unable to retrieve the apple-app-site-association file from my server on app install. The device console is giving the following error where it attempts to retrieve the file during the install:
Rejecting URL 'https://example.com/apple-app-site-association' for auth method 'NSURLAuthenticationMethodServerTrust': -6754/0xFFFFE59E kAuthenticationErr
I'm able to retrieve the file successfully in Safari using the same device. It's hosted via https with a standard verisign issued EV cert. I don't get any SSL errors when retrieving the file outside of app install, so I'm confident the cert is configured correctly on the server side.
What could be causing this error?
As it turns out this issue was caused by having Worx by Citrix installed on the phone. This app installed a profile by XenMobile on the phone that was interfering with the ssl handshake between our server and apple. This was only the case when installing test apps on the phone. Our production app downloaded from the App Store works just fine. Also, if I remove the Citrix apps and the associated XenMobile profile, it works. Very annoying.
For me the issue was a missing capability entry: activitycontinuation:com.example.app. For some reason, when the apple-app-site-association file is hosted on an IIS server that capability needs to be added in addition to applinks:com.example.app.
Is there a concise guide to signing and distributing apps over the air for iOS? We have an extremely simple app to be distributed in-house to five or six users. Not going to get a $10000 MDM solution.
Apple's documentation is absolutely incomprehensible.
Sorry, been futzing with this for two days.
We have an iOS app. I can install it on my phone for debugging using xcode. Runs perfectly.
We loaded the plist, ipa, and icons onto an IIS server. The IIS Server is secured using an SSL cert. You have to log in, and then click on a link to be taken to the page with the download link. So even getting to the link means you have authenticated.
All the links in the plist file are https links.
I can manually type the https address for the plist file and I get an XML file in Chrome or Safari from my PC, my Mac, or my iPhone.
If a person hits the link on an iPhone, "cannot connect to server www.example.com". In the iPhone console, I see the error message SSErrorDomain Code=2 cannot log into iTunes.
Driving me crazy. As best as I can tell, the itms prefix is not using the https link, but how to tell?
For in-house distribution (outside the App Store), you need to have an enterprise developer account, and sign the app with an Ad Hoc Provisioning profile.
If you don't have an enterprise account, you'll have to specify a list of devices when creating the provisioning profile (not recommended).
You could then host the app on a web server, and have the users download it through Safari.
Got it to work. Praise the Lord.
I moved the ~/app directory from a server that required authentication to one that does not but only holds the app and nothing else. The server is secured by a SSL certificate issued by GoDaddy so it's not self signed.
I think that Apple was trying to come back to the site somehow to check something and the authentication/redirection was blowing that up.
I also edited the plist and index.html files manually removing all white space (tabs & spaces) which had been inserted.
Gonna test it on a wider audience now.
I have built an iPhone application in Xcode and have generated all of the required certificates and provisioning profiles on Apple's developer website. I have installed the certificates on my computer and the test phone I am using has my OTA distribution profile installed on it.
I have built and exported the application using my distribution profile and certificates and put the xml/plist and ipa files on an SSL secured web server and whenever I try to download the app, it asks if I want to install it and then the installation immediately fails and it tells me the app could not be downloaded. However, I have uploaded the ipa file to Diawi.com and using their website I can install the same app on the phone without any issues.
I do not want to have to rely on a 3rd party service for hosting my application.
Things to check:
Make sure your devices UDID is part of the AdHoc provisioning profile you are using
Make sure you are signing the archive with this profile
Make sure the manifest is correct, all URLs (especially any references to images)
Make sure your web-server is setup to recognize .ipa and .plist as the proper MIME types (this has got me a couple of times)
We are new to iOS development and this is our first application for iPad that we are developing for our organization.
We have developed app in Xcode 4.1 with iOS SDK 4.3.2 .
We have created provisioning profile and added 4 iPad device UDIDs in the profile.
We have created app.ipa file and kept it on our internal webserver ( along with app.plist ). Then we have created simple html file which contains pointer to app.plist.
We try to install the app on the device by accessing the html file URL through safari. However the application gets stuck in "loading... " state and after long time it gives error unable to download the application. We have checked the network connectivity , the webserver logs and everything seems to be fine.
Another odd behaviour we have observed is that while the application installation is in loading state and we connect the iPad to the development machine. When itunes prompts for syncing the device we cancel the sync. Then we disconnect the cable and connect and again when it prompts for syncing we again cancel it. At this time the application gets installted. But this is happens on only one iPad. On 2 other iPads it doesn't get installed and stays in loading state. On one iPad it got installed without issues.
We are now stuck because we have to distribute this application to many users in our organization and not able to do so.
You could check the following
The provisioning file is for ad hoc distribution
The provisioning file is selected in the Code signing Identity -> Release section of the build settings of your project
You selected Product -> Archive, then pressed "Share" when the Organizer window opens.
Next step: make sure the provision file is selected
Next step: Select "Save for Enterprise Distribution". The application URL has to be the exact web address on the ipa file
You can find more detail about the process in this article
Thanks all for your answers which pointed to many useful resources for us newbie developers.
I found the cause of my problem. The device requires to connect to apple sites to verify the certificate. Since the device was in our internal wireless network and I had removed proxy settings from the device it was not able to connect. Once I gave the proxy settings it installed without problems. One point to be noted though was it was not working with proxy authentication enabled hence I had to enable IP address based access for the device.
Thanks once again for you responses.
You have problem with your provisioning profile.
The problem is that you don't sign app properly and iOS5 has changed notification that app cannot be installed with loading message only, on iOS4 it was message and app would be deleted from springboard.
You need to set in project properties under build settings code signing identity on the ad-hoc certificate that you have created. When you build app for archive sign it again like you did before with the same certificate and then try to install on device.
I use beta builder for creating index, plist and other files for web server, but you can use whatever you like.
http://www.hanchorllc.com/2010/08/24/introducing-ios-beta-builder/