Install the full environment configuration online for AdHoc in ios (not enterprise-level for personal companies)

1. Environment

Client development: MacOs 10.8.5

Server development: Centos6.3 64-bit

2. Software preparation

Apache httpd 2.2.27

OpenSSL 0.9.8za

3. Prepare the client

The developer account of Apple is roughly divided into three types: individuals, companies, and enterprises. This article mainly describes online installation of ipa for individuals and companies. AdHoc at the company level has the following restriction: the ipa Package released online can only be installed.

In the list of Devices added to the Apple account (the Devices that are added after the IPA are published must be re-packaged with IPA, enterprise-level developer accounts do not have such restrictions.

First, we package the IPA to be uploaded in Xcode. The general process is as follows:

In this step, you need to write the server path for storing ipa in advance and save it in the corresponding plist.

After the file is saved, the corresponding ipa and plist files are generated. The client preparation is complete. So easy!

4. Server preparation

A) install openssl

Decompress and install the openssl package downloaded in step 2.

Tar zxvf openssl-0.9.8za.tar.gz
Cd openssl-0.9.8za
./Config
Make
Make install
# Tar zxvf httpd-2.2.27.tar.gz
Cd httpd-2.2.27
./Configure -- prefix =/usr/local/apache/httpd -- enable-ssl = static -- with-ssl =/usr/local/ssl
Make
Make install


Install the latest OpenSSL in/usr/local/ssl, regardless of the OpenSSL version in the system or uninstall it. Otherwise, other application errors may occur.

B) install Apache httpd

Modify/usr/local/apache/httpd/conf/httpd. conf

# Include conf/extra/httpd-ssl.conf remove the previous #

Execute./bin/apachectl start under/usr/local/apache/httpd to start apache. Because ssl is enabled, the startup will fail and the system prompts you to configure the certificate.

C) generate a certificate

Create an ssl directory in/usr/local/apache/httpd/to save the new certificate file. Then cd ssl

(1) Use openssl to select rsa asymmetric algorithm and des3 symmetric encryption algorithm to create a CA certificate:

openssl genrsa -des3 -out my-ca.key 2048

The above will generate a 2048-bit key, stored in the my-ca.key file, this file will require you to enter a password, this password will be used later in this file.

(2) then sign the certificate using the x509 Standard

openssl req -new -x509 -days 3650 -key my-ca.key -out my-ca.crt

The above step generates a CA certificate file my-ca.crt valid for 10 years, this process will let you fill in some basic information, such as the country city, company name, website name and so on, because it is self signed, just fill it out.

(3) Now that you have a CA certificate, you can use it to issue an ssl certificate to our website. Like creating a CA certificate, we need to first generate a key pair for the server

Openssl genrsa-des3-out mars-server.key 2048

(4) generate a csr Certificate file based on the key mars-server.key

Openssl req-new-key mars-server.key-out mars-server.csr

When executing the preceding command, enter basic information. Note that the value of Common Name must be the same as that of your domain Name. Otherwise, the domain Name cannot be verified by the client browser. Here I fill in the LAN ip address. If 10.21.122.22, if the ip address of your LAN host changes, you need to issue a new certificate. Therefore, we recommend that you set your host to a fixed ip address directly in routing or switching.

(5) use the CA certificate to sign the server certificate.

openssl x509 -req -in mars-server.csr -out mars-server.crt -sha1 -CA my-ca.crt -CAkey my-ca.key -CAcreateserial -days 3650

By now, we have made all the certificates we need. What needs to be done below is to deploy it to Apache.

(6) In the process of generating the mars-server.key, may set a password for this file, if the direct deployment, then the apache will be started later to enter this password, however, apache is usually automatically started when we start the system. It is too troublesome to start it manually. You can convert this file to save the trouble of entering the password:

cd /etc/apache2/sslopenssl rsa -in mars-server.key -out mars-server.key.insecure

D) configure the Certificate in Apache
Create a directory to put certificate files, such as put under/etc/apache2/ssl, including 3 files, respectively: my-ca.crt mars-server.crt mars-server.key.

Modify/usr/local/apache/httpd/conf/extra/httpd-ssl.conf as follows:

HttpsSSLEngine On
SSLCertificateFile/usr/local/apache/httpd/ssl/mars-server.crt.
SSLCertificateKeyFile/usr/local/apache/httpd/sslmars-server.key.insecure
SSLCACertificateFile/usr/local/apache/httpd/ssl/my-ca.crt.

Switch to the/usr/local/apache/httpd directory to start the server:

./bin/apache/apachectl start

Try https: // localhost/in the browser. Is it accessible ~~

E) https download configuration

After the environment is configured, It is easy. You only need to put the resources to be downloaded to the specified directory, and modify the link of index.html under the https's root directory. The simple index.html is as follows:

                
             Install this certificate to download the ios test client test

Move the my-ca.crt in the index.html, ipa, plist, and ssl folders created in the previous step to the/usr/local/apache/httpd/htdocs directory, you can install them online.

Note:

1, the first visit to the site for online installation of the device needs to install the ssl certificate, that is, the my-ca.crt created above can be installed normally ipa, and then study whether this step can be omitted.

2. Use https to access items-services: // In index.html.