Http://article.yeeyan.org/view/187048/177876
Users can purchase, download, and install commercial applications through the App Store. However, if your enterprise application is only available to your employees, the application service must be accompanied by a digital signature certificate issued by Apple in the developer enterprise plan. In addition, you need to create an enterprise allocation configuration file to allow devices to use these applications. If no valid configuration file is available, the application cannot be opened.
How to Create a distributed enterprise application for iOS 4 devices?
Users can purchase, download, and install commercial applications through the App Store. However, if your enterprise application is only used by your employees, the application service must be accompanied by a digital signature certificate issued by Apple in the developer Enterprise Project. In addition, you need to create an enterprise allocation configuration file to allow devices to use these applications. If no valid configuration file is available, the application cannot be opened.
To deploy an internal application, follow these steps:
· Register Apple's iOS developer Enterprise Project
· Prepare distributed applications.
· Create an enterprise allocation and supply configuration file that allows devices to use signed applications.
· Build applications with supply configuration files.
· Deploy related applications to your users.
Register an application developer Project
To develop and deploy custom applications for ios4, you must first register the iosdeveloper enterprise project at http://developer.apple.com/programs/ios/groovise.
After completing the registration process, you will be able to access the iOS development center and supply portal. It contains detailed instructions on how to prepare enterprise distributed applications.
Prepare distributed applications
Your enterprise application must be accompanied by your signed Distribution Certificate and an enterprise distribution configuration file that allows devices to use these applications. The designated team proxy of your program member will create and assign certificates and configuration files in the online supply portal.
Generating and distributing certificates involves using the certificate proxy to generate a "Certificate Signature request" (that is, CSR), and the certificate proxy is part of your Mac OS X development system's key string to access the application. After a "Certificate Signature request" is generated, You need to upload the CSR to the portal of the configuration file, and then you will receive an allocation certificate. After the certificate is installed on the key string, the development tool will use the certificate to sign your application. For more information, see help provided by the enterprise documentation Portal online.
Second, you need to create an enterprise distributed configuration file to ensure that your users can use your applications through their devices. You can create an enterprise distributed configuration file for a specific application or multiple applications.
The team agents you specify for your enterprise are able to create allocation profiles on the IOS supply portal (http://developer.apple.com/iphone. For more information, see website.
Deploy applications
Three ways to install an application are as follows:
· Use iTunes to distribute applications to your users.
· Use the iPhone Configuration Utility and the IT administrator to install the application on the device.
· Place these applications on a secure web server. Users can access and install these applications wirelessly.
If your application does not have an embedded configuration file, you need to use the app and mobileprovision files to use the program software. The method for allocating and installing the mobileprovision file is the same as that for installing the application.
Use iTunes to install applications
Your users use iTunes to install applications on their devices. Securely allocate applications to your users and ask them to follow these steps:
In iTunes, select "file"> Add to library, and select a file (app, IPA, or mobileprovision). You can also drag the file to the app icon of iTunes.
1. Connect a device to your computer and select the device from the device list in iTunes.
2. Click the application tag and select an application from the list.
3. Click "application ".
If your computer is, you do not need to ask the user to add files to iTunes. You can deploy these files on their computer and notify them to synchronize their devices.
Use the iPhone Configuration Utility to install the application
You can use the iPhone Configuration Utility to install applications and files on the connected device.
Install the allocation configuration file:
1. In the iPhone configuration application tool, select "file"> "add" to the library, and then select the configuration file you want to install.
After the file is added to the iPhone configuration application tool, you can select the configuration file category in the library to view the file.
2. Select a device from the connection device list.
3. Click the "configuration file" tab.
4. Select the configuration file in the list and click "Install.
Use the iPhone Configuration Utility to install the application
You can use the iPhone Configuration Utility to install the application on the connected device.
1. After the application is added to the iPhone configuration application tool, you can view the application by selecting "Application category" in the library.
2. Select a device from the connection device list.
3. Click the "application" tab.
4. Select an application in the list and click "Install.
Wireless application installation
Ios4 Supports Wireless installation of enterprise application systems, so that even if you do not use iTunes or hone to configure the application tool, you can also distribute internal software to your users,
Requirements:
· A Secure Web site that can be accessed by authenticated users.
· Internal iOS app with IPA File Format
· A list of Extensible Markup Language (XML) files described in this article
· A network configuration allows devices to access the Apple iTunes server.
Installing an application is simple. You can download the configuration file from your website to your iOS 4 device, indicating the device to download and install the application referenced in the configuration.
You can allocate URLs through text messages or email download list files, or embed them into another enterprise application you have created.
You can design and create websites for application allocation as required. First, you must ensure that all users are authenticated by identity, basic authentication methods or directory authentication methods, and that the website can be accessed through the Intranet or the Internet. Applications and lists can be stored in a hidden directory or any other location that is readable by HTTP or HTTPS.
Prepare an enterprise application for wireless assignment
To prepare an enterprise application for wireless assignment, you need to create an archive version in IPA file format and a configuration file that allows the application to be wirelessly allocated and installed.
In xcode, you can use the "new"> "new and archive" menu to create an application document. Select an application from the archive application source in xcode File Manager and click "share application ..." Button. Then click "allocate Enterprise ..." Button. You need to provide information for the List File Created by xcode. For more information about the configuration file, see the following section. For more information about how to create and configure an application, see Ios Development Center.
Wireless list
This list is an XML property list (plist) file. With ISO 4 devices, you can find, download, and install applications from your Web server through this list. This list is created by xcode and uses the information you provide when sharing distributed enterprise applications. See "prepare an enterprise application for wireless assignment ".
For a list sample in plist format, see the end of this article. The following content must be included:
Project
Description
URL
Fully Qualified HTTP or https url for IPA Application Files
Show images
PNG images with 57x57 pixels are displayed during download and installation. A detailed description of the URL of the image that is fully qualified
Full-size image
A png image that represents an application in iTunes with a pixel of 512x512
Package ID number
The package ID of the application you specified in the xcode Project
Package version
The package version you specified in the xcode Project
Name
Name of the application file displayed during download and Installation
Optional keys
You can use an optional key, which is described in plist format. If your application file is large and you want to perform more than normal error checks during TCP communication to ensure the download integrity, you can use the MD5 key.
Build your own website
Upload these three items to a forum on your website so that your authenticated users can access them.
· IPA Application Files
· List file in plist format
The website design depends on you. It can be a simple web page linked to the configuration file. Click the network link to download the configuration file. The application described in the configuration file will also be downloaded and installed.
The following is an example of a link:
Install the application
Do not add network links to the storage application (in IPA format. After the configuration file is downloaded, the device downloads the stored application. Although the Protocol Part of the URL is an itms service, this program does not include the iTunes store.
Set the MIME type of the server
You may need to configure your network server to make the list and application files transmitted correctly.
For Mac OS X servers, use the Server Manager to add the following MIME types to the MIME type settings.
Application/octet-stream IPA
Text/XML plist
For IIS, you should use the IIS Manager server to add the MIME type to the properties page of the server:
. IPA application/octet-stream
. Plist text/XML
Troubleshoot wireless application allocation
Enterprise applications must bear in mind the following points:
If the Information allocated to the wireless application cannot be downloaded, check the following:
· Ensure that the link in the configuration file is correct and that the user can access the configuration file.
· Ensure that the URL of the IPA file (in the list file) is correct and that the user can access the IPA file.
· Ensure that the application is signed correctly. Use the iPhone Configuration Utility to install it on a device for a test.
Network Configuration Requirements:
If the device is connected to a closed internal network, you should allow iOS devices to be used on these websites.
URL reason
Ax.init.itunes.apple.com devices on this website can obtain the size limit of the current files of applications downloaded through the cellular network. If the website cannot be accessed, the installation may fail.
The devices connected to ocsp.apple.com on this website are used to check the Distribution Certificate Status used to sign the configuration file. See "certificate verification ."
Provides updated application systems
Applications you allocate to yourself cannot be updated automatically. When you have a new version for users to install, notify them of the updates and instruct them to install the updated applications. After opening the application, you also need to use the application to check the update effect. If you are using wireless application allocation, you can add a link to the list file of the website or the updated application system. If you are using iTunes, install a new application system on their devices. If you are using the iPhone Configuration Utility, connect them to the IT administrator to install the new version. You will need to update all your enterprise applications at least once a year. See "certificate verification ."
If you want users to keep the data stored on their devices, make sure that the new version uses the same package ID as the replaced application. And tell the user not to delete their previous versions before installing the new version. The new version replaces the old version and retains the data stored on the device, provided that the package ID number must match.
Certificate verification
When the application is enabled on the device for the first time, it is verified by assigning a certificate to the Apple OCSP server. The application can run unless the certificate has been revoked. Unable to connect or get a response from the OCSP server cannot be interpreted as the certificate has been revoked. To authenticate your identity, the device must be able to access ocsp.apple.com. See "network configuration requirements ."
The OCSP Response is cached on the device within the time specified by the OCSP server; currently, it is 3 to 7 days. The validity of the certificate will not be checked until the device restarts and the cached response has expired. If the revocation is received at this time, the application will not be able to run. Please note that revoking the certificate will invalidate all applications you allocate.
If the assigned certificate expires, the application cannot run. Currently, the certificate is valid for one year. You need to apply for a new assignment certificate from the Development Center several weeks before your Assignment Certificate expires and use it to create a new allocation configuration file, then re-compile and assign the updated application to your users. See "provide updated applications ."
Sample of the list file:
Items
Assets
Kind
Software-Package
Md5-size
10485760
Md5s
41fa64bb7a7cae5a46bfb45821ac8bba
41fa64bb7a7cae5a46bfb45821ac8bba
URL
Http://www.example.com/apps/foo.ipa
Kind
Display-Image
Needs-shine
URL
Http://www.example.com/5742457.png
Kind
Full-size-Image
MD5
61fa64bb7a7cae5a46bfb45821ac8bba
Needs-shine
Urlhttp // www.example.com/image.512316512.jpg
Metadata
Bundle-identifier
Com. example. fooapp
Bundle-version
1.0
Kind
Software
Subtitle
Apple
Title
Example shortate app