I’ve set up a local webserver running with a self-signed certificate (SSL).
I’ve also installed the certificate on my iOS 15.0 device and trusted it from the Device Settings. But when I load https://my-local-hostname/ which loads a download button with a link to the itms-services/.../manifest.plist
, and click the download button, it shows "Unable to Install ***".
On the other hand, if I run ngrok to get a static domain with a cert signed by a trusted root CA, it works, which means that the manifest.plist configuration is correct.
Is there any way to make it work on localhost directly? Has anyone done this ever?
Question posted in Xcode
Whether you're new to Xcode or an experienced developer, our archive has everything you need to know about this integrated development environment (IDE). From basic functionalities to advanced features, our archive covers a wide range of Xcode-related questions and answers. Browse our archive now and find solutions to your Xcode questions, and take your app development skills to the next level
Whether you're new to Xcode or an experienced developer, our archive has everything you need to know about this integrated development environment (IDE). From basic functionalities to advanced features, our archive covers a wide range of Xcode-related questions and answers. Browse our archive now and find solutions to your Xcode questions, and take your app development skills to the next level
2
Answers
I finally figured it out..
For those who are interested in the solution, here are the steps for making OTA work on your local machine with localhost.
minica
to generate the certificates instead of making them on your own (simply skip theGenerate a private key and certificate for your site
step mentioned in the article, and useminica --domains {hostname}
command which will generate the necessary certificates for you instantly. You can find the generated Root CA certificate with the key at~/minica.pem
and~/minica-key.pem
, and your domain's certificates at~/{hostname}/(cert/key).pem
, where{hostname}
is the hostname of your local machine. If you're not sure what is your machine's hostname, just open the terminal and typehostname
./etc/apache2/extra/httpd-ssl.conf
specifySSLCertificateFile
,SSLCertificateKeyFile
andSSLCACertificateFile
paths to/path/to/key.pem
,/path/to/cert.pem
and/path/to/minica.pem
correspondingly.minica.pem
andcert.pem
to the keychain and change to "Always trust".minica.pem
andcert.pem
to the iPhone (using AirDrop or whatever), install the profile, and trust them both from the Certificate Trust Settings screen)That's basically it. Just use https://{hostname} instead of https://localhost everywhere in your HTML code and in manifest.plist file so that you can access the website's content from the mobile device in the same network.
I did some releases on a private store, and it worked in a similar way.
How it works :
Generate the ipa for entreprise distribution (with the correct provisioning profiles)
Upload the ipa wherever you want, if you need something beautiful, you could make an app that lists your IPA (your own private store) with information about it, and a link to download it (look below)
Upload the .plist file and make it so the url in the url field is the .ipa that you uploaded on step 1.
Create a basic HTML page with this line where you want it :
Users can now click it and download 😉