Deploy iOS Enterprise Apps - hewigovens/hewigovens.github.com GitHub Wiki
##Example
Put the app on a secure web server; users access and perform the installation wirelessly.
install.html:
<a href="itms-services://?action=download-manifest&url=http://www.example.com/TestApp.plist">Install TestApp</a>
TestApp.plist:
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<!-- array of downloads. -->
<key>items</key>
<array>
<dict>
<!-- an array of assets to download -->
<key>assets</key>
<array>
<!-- software-package: the ipa to install. -->
<dict>
<!-- required. the asset kind. -->
<key>kind</key>
<string>software-package</string>
<!-- optional. md5 every n bytes. will restart a chunk if md5 fails. -->
<!--<key>md5-size</key>
<integer>12597301</integer>-->
<!-- optional. array of md5 hashes for each "md5-size" sized chunk. -->
<!--<key>md5s</key>
<array>
<string>1fe027f90698b1b407dea45700e12a3c</string>
</array>-->
<!-- required. the URL of the file to download. -->
<key>url</key>
<string>http://www.example.com/TestApp.ipa</string>
</dict>
<!-- display-image: the icon to display during download .-->
<dict>
<key>kind</key>
<string>display-image</string>
<!-- optional. indicates if icon needs shine effect applied. -->
<key>needs-shine</key>
<true/>
<key>url</key>
<string>http://www.example.com/Icon57.png</string>
</dict>
<!-- full-size-image: the large 512x512 icon used by iTunes. -->
<dict>
<key>kind</key>
<string>full-size-image</string>
<key>needs-shine</key>
<true/>
<key>url</key>
<string>http://www.example.com/Icon512.png</string>
</dict>
</array><key>metadata</key>
<dict>
<!-- required -->
<key>bundle-identifier</key>
<string>com.example.TestApp</string>
<!-- optional (software only) -->
<key>bundle-version</key>
<string>1.0</string>
<!-- required. the download kind. -->
<key>kind</key>
<string>software</string>
<!-- optional. displayed during download; typically company name -->
<key>subtitle</key>
<string>Example</string>
<!-- required. the title to display during the download. -->
<key>title</key>
<string>Example TestApp</string>
</dict>
</dict>
</array>
</dict>
</plist>Notes from: https://www.apple.com/iphone/business/docs/iOS_Deployment_Technical_Reference_EN_Feb14.pdf
###In-house Apps If you develop your own iOS apps for use by your organization, the iOS Developer Enterprise Program lets you deploy the in-house apps. The process for deploying an in-house app is:
- Register for the iOS Developer Enterprise Program.
- Prepare your app for distribution.
- Create an enterprise distribution provisioning profile that authorizes devices to use apps you’ve signed.
- Build the app with the provisioning profile.
- Deploy the app to your users.
####Registering for app development
To develop and deploy in-house apps for iOS, first register for the iOS Developer
Enterprise Program.
Once you register, you can request a developer certificate and developer
provisioning profile. You use these during development to build and test your app.
The development provisioning profile allows apps signed with your developer
certificate to run on registered devices. You create the developer provisioning
profile at the iOS Provisioning Portal.
The ad hoc profile expires after three months and specifies which devices (by device ID) can run development builds of your app.
You distribute your developer signed build and the development provisioning
profile to your app team and testers.
####Preparing apps for distribution
After you finish development and testing and are ready to deploy your app, you
sign your app using your distribution certificate and package it with a provisioning
profile.
The designated Team Agent or the Admin for your program membership creates the certificate and profile at the iOS Provisioning Portal.
Generating the distribution certificate involves using the Certificate Assistant (which is part of the Keychain Access application on your OS X development system) to generate a Certificate Signing Request (CSR).
You upload the CSR to the iOS Provisioning Portal and receive a distribution certificate in response. When you install this certificate in Keychain, you can set Xcode to use it to sign your app.
####Provisioning in-house apps
The enterprise distribution provisioning profile allows your app to be installed
on an unlimited number of iOS devices.
You can create an enterprise distribution provisioning profile for a specific app, or for multiple apps.
Once you have both the enterprise distribution certificate and provisioning profile installed on your Mac, you use Xcode to sign and build a release/production version of your app.
Your enterprise distribution certificate is valid for three years, after which you’ll have to sign and build your app again using a renewed certificate.
The provisioning profile for the app is good for one year, so you’ll want to release new provisioning profiles annually. See “Providing Updated Apps” in Appendix C for further details.
It’s very important that you limit access to your distribution certificate and its private key. Use Keychain Access on OS X to export and back up these items in p12 format. If the private key is lost, it cannot be recovered or downloaded a second time. In addition to keeping the certificate and private key safe, you should restrict access to personnel who are responsible for final acceptance of the app.
Signing an app with the distribution certificate gives your company’s seal of approval for the app’s content, function, and adherence to the Enterprise Developer Agreement licensing terms.
##References
- Require iOS Enterprise Account
- Distributing Enterprise Apps for iOS Devices