Reputation: 11039
OTA ipa distribution using localhost
I've set up a local webserver running with a self-signed certificate (SSL).
I've also installed the certificate on my iOS 15.0 device and trusted it from the Device Settings. But when I load https://my-local-hostname/ which loads a download button with a link to the itms-services/.../manifest.plist, and click the download button, it shows "Unable to Install ***".
On the other hand, if I run ngrok to get a static domain with a cert signed by a trusted root CA, it works, which means that the manifest.plist configuration is correct.
Is there any way to make it work on localhost directly? Has anyone done this ever?
Upvotes: 0
Views: 1068
Answers (2)
Reputation: 11039
I finally figured it out..
For those who are interested in the solution, here are the steps for making OTA work on your local machine with localhost.
- Setup a webserver on your local machine (macOS has a built-in one)
- Install minica using homebrew (for generating SSL certificates)
- Make the website accessible through https://localhost (or https://{hostname}) (here is a nice article on how to do that)
- Use
minicato generate the certificates instead of making them on your own (simply skip theGenerate a private key and certificate for your sitestep mentioned in the article, and useminica --domains {hostname}command which will generate the necessary certificates for you instantly. You can find the generated Root CA certificate with the key at~/minica.pemand~/minica-key.pem, and your domain's certificates at~/{hostname}/(cert/key).pem, where{hostname}is the hostname of your local machine. If you're not sure what is your machine's hostname, just open the terminal and typehostname. - In the
/etc/apache2/extra/httpd-ssl.confspecifySSLCertificateFile,SSLCertificateKeyFileandSSLCACertificateFilepaths to/path/to/key.pem,/path/to/cert.pemand/path/to/minica.pemcorrespondingly. - Import
minica.pemandcert.pemto the keychain and change to "Always trust". - Restart your webserver.
- Send both
minica.pemandcert.pemto the iPhone (using AirDrop or whatever), install the profile, and trust them both from the Certificate Trust Settings screen)
That's basically it. Just use https://{hostname} instead of https://localhost everywhere in your HTML code and in manifest.plist file so that you can access the website's content from the mobile device in the same network.
Upvotes: 1
Reputation: 1526
I did some releases on a private store, and it worked in a similar way.
How it works :
Generate the ipa for entreprise distribution (with the correct provisioning profiles) Upload the ipa wherever you want, if you need something beautiful, you could make an app that lists your IPA (your own private store) with information about it, and a link to download it (look below) Upload the .plist file and make it so the url in the url field is the .ipa that you uploaded on step 1. Create a basic HTML page with this line where you want it : Users can now click it and download ;)
<a href="itms-services://?action=download-manifest&url=YOUR-UPLOADED-PLIST-FILE.plist">Click here ;-)</a>
Upvotes: 0
Related Questions
- Download and install an ipa from self hosted url on iOS
- Distribution of iPad app (.ipa format file) over website
- Export IPA for Testing instead Appstore with (ad-hoc)
- Remotely create iPA or archive build
- .ipa install over the air
- Distribute enterprise IPA using local server
- Export an OTA installable IPA from XCARCHIVE
- How do I take an IPA file and have it install remotely on an iOS device?
- xcode distribute the ipa with "in house" method
- OTA AdHoc distribution - how to build an IPA from command line?