Today after upgrading iOS7.1 found that through the previous url can not install the enterprise application, has been prompted "unable to install the application because the http://xxx.xxx.xxx certificate is invalid", tossing a bit, finally, I found the answer on StackOverFlow. Here we will share with you.
StackOverFlow link: http://stackoverflow.com/questions/20276907/enterprise-app-deployment-doesnt-work-on-ios-7-1/22325916#22325916
The reason is that to install an enterprise application on iOS7.1, the url must be https rather than http, which requires our server to support https. Therefore, as long as the original link is:
itms-services://?action=download-manifest&url=http://example.com/manifest.plist
Change
itms-services://?action=download-manifest&url=https://example.com/manifest.plist
You can.
For servers, you need to add https support. I use the apache server, so here we take the apache server as an example:
1. install apache version with SSL module, I use httpd-2.0.65-win32-x86-openssl-0.9.8y
2. Open the configuration file conf/httpd. conf of apache and remove the following content before #
LoadModule ssl_module modules/mod_ssl.so
Add the following at the end of the file:
<VirtualHost *: 8080> ServerAdmin zhaoxinyan12@mails.tsinghua.edu.cn (random) DocumentRoot D:/Server (Server root directory) ServerName 166.111.81.xxx (Server domain name or IP address) errorLog logs/test-error_log CustomLog logs/test-access_log common SSLEngine on SSLCertificateFile "D:/Program Files/Apache Group/Apache2/conf/ssl. crt/server. crt "(the complete path for generating the certificate later) SSLCertificateKeyFile" D:/Program Files/Apache Group/Apache2/conf/ssl. key/server. key "(the complete path for generating the key later) </VirtualHost>
3. Modify the following content in the conf/ssl. conf file: (the modified content is as follows. For details, refer)
#SSLSessionCache none#SSLSessionCache shmht:logs/ssl_scache(512000)SSLSessionCache shmcb:logs/ssl_scache(512000)#SSLSessionCache dbm:logs/ssl_scache...SSLCertificateFile conf/ssl.crt/server.crt...SSLCertificateKeyFile conf/ssl.key/server.key
4. Create the ssl. crt and ssl. key directories under the conf directory (do not create the directory, as long as the above two paths correspond to the subsequent file paths)
5. Switch to the bin directory under the apache directory under the command line and run the following command
Generate the private key of the server:
openssl genrsa -out server.key 1024
6. Generate the signing application (note that except the Common Name, the Common Name must be the server's ip address or domain Name ):
openssl req -new –out server.csr -key server.key -config ..\conf\openssl.cnf
7. Generate the CA private key:
openssl genrsa -out ca.key 1024
8. Use the private key of the CA to generate the self-signed certificate of the CA (note that except the Common Name, the Common Name must be the ip address or domain Name of the server ):
openssl req -new -x509 -days 365 -key ca.key -out ca.crt -config ..\conf\openssl.cnf
9. Create the files index.txtand serialin the current directory, and the serialcontent is, index.txt is empty, and the folder newcerts.
10. CA signs a certificate for the website Server:
openssl ca -in server.csr -out server.crt -cert ca.crt -keyfile ca.key -config ..\conf\openssl.cnf
11. Finally, copy server. crt and server. key to the corresponding path above:
conf/ssl.crt/server.crtconf/ssl.key/server.key
12. Restart the Apache server to support https. You can access https: // localhost in the browser. If not, you can see the error in the logs \ test-error_log file.
13. Finally, we will install the self-created CA certificate on the iphone. Send the ca. crt file generated in step 1 to the iphone by email, and use the built-in Mail program (other programs do not work) to open the installation.
14. Now, visit our previous itms-services link and you will be able to install it normally.
If you feel helpful to yourself, I hope you can help me with it. Thank you :) my blog: Sorry!