I must be missing something conceptually here, and I'm hoping someone can set me straight.
I'm not really clear why Ad Hoc deployments of iPhone applications are necessary, and why development builds can't be used instead.
Specifically, I don't understand why I can't just send someone my development provisioning profile and my app, as long as their machine id is included in my development provisioning profile.
So, on the Apple Provisioning Portal, under Devices, I add the device ID of my iPhone, and that of my friend. Under Certificates, I submit a CSR, which, to my understanding, does not contain anything specific about my device (it writes a private key to my machine, but I don't think there's anything specific about my device in the CSR). I then get a certificate which I download. I then create a development provisioning profile. In the process I select the certificate I just created (in my company's name but with nothing specific about my device), and I check all the devices, including those of my friend. I then download and install that provisioning profile on my iPhone (and only that provisioning profile, no other profiles or certificates or anything on my device). I then build my app, signing it with that development provisioning profile. I can then install the created .ipa on my iPhone, and it works.
So what keeps me from sending my friend (whose device id I checked when creating the development provisioning profile) the same development .mobileprovision and .ipa files, and he can install and run just the same?
Doesn't that get me the same effect as Ad Hoc deployment, without the additional hassles of Ad Hoc deployment? (of which I admit there may not be many, but there are some)
AdHoc is not developmental distribution; it is a release distribution without the App Store. It is a production level environment. For most apps, this doesn't mean much but for apps that deals with iAd or push notifications, this is a big deal.
For example, iAd development builds pull ads with higher frequency of error rates (roughly 80% errors) so that developers can work out the kinks of error conditions. These error conditions manifest in lower frequency with production iAd environments (App Store/Ad Hoc builds).
Ad Hoc deployment allows beta testers without access to a Mac, or a Mac with Developer tools, to install the developer's apps. The Ad Hoc recipient can use iTunes on a Windows PC, and long as their devices UDID is one of the up to 100 registered with the developer, they can install an Ad Hoc app emailed to them.
Exposing a private key, which would allow someone else to sign apps with the developers registered name may not be something every developer would want some stranger to do, just to let them test your app.
Related
I am trying to set an Ad Hoc distribution in order to test an iPhone app with some remote users. And I haven't found any good and clear tutorial up to now. By reading bits and pieces on Apple documentation and others I am now able to put the app on my iPod device doing as much as I can "as if I was remote user"; meaning I can put my app on the device without going through XCode. But when I send the xxx.mobileprovision an the app file to a remote user, things go wrong. The user gets a message saying that there is no proper signing authority.
As far as I know I included myself and the other users in the list of device UDIDs.
One thing unclear to me related to this issue is :
In the iOS Provisioning Portal section Certificates I can see one tab "Development" and another one "Distribution", I am not sure of what the difference is. I have one item in each tab, but I see no "Add" button to add more items and try something different. Is one of those two tabs important for my problem above?
Thanks.
The tabs are very important.
With certificates, Development is the Key Chain cert that grants you permission to build in Xcode directly to an iOS device connected by cable. Distribution is the Key Chain cert that grants you permission to build in Xcode app that may be installed onto an iOS device remotely.
Development is the mobile provisioning profile that has the list of registered an iOS devices you may directly build an app onto connected by cable.
Distribution is the mobile provisioning profile that has the list of registered an iOS devices you may send an app to someone else and have them install it on a registered iOS device remotely without using Xcode.
You want to do an Archive which will require a Distribution mobile provisioning profile. I might add that if you are sending an mobile provisioning profile in an email, you will likely want to Zip it with the .ipa since the profile can often get corrupted with in certain email clients.
Here's a link to another question that has very thorough step-by-step instructions for creating ad-hoc distribution profiles: how do you beta test an iPhone app. The instructions have changed slightly with newer Xcode versions, but this is still the best walkthrough I could find.
I am an individual developer who has written an ipad app for a company. They have bout 30 devices they want to put it on, so my current plan is to create a provisioning profile that contains all the UDIDS for all those device. So here are my questions:
I surely will miss at least one device and have to either:
a. Create a new distribution provisioning profile for that device
or
b. Add it to the existing provisioning profile, in that case does it void the others
Could I submit something to the appstore that is obviously for internal use and password protect it? The company probably isn't willing to do an enterprise account, and I don't want to maintain it by getting them a new provisioning profile every year when they expire. Any ideas here?
Did you consider Ad Hoc distribution? That would allow you to add the app to a new device without having to make a new provisioning profile.
I haven't done it myself, but this looks useful:
http://www.iphonedevsdk.com/forum/iphone-sdk-development/35818-unofficial-ad-hoc-distribution-guide.html
I love TestFlight for small distributions. Also, see the Apple enterprise distribution documentation. It goes over signing and wireless distribution.
Rather if this is going to be used by the company for a longer period of time then I would advice you to go for iOS Developer Enterprise Program.
The main highlighting lines about Enterprise Program is
"Gain access to resources that will help you develop proprietary, in-house iOS apps that you can distribute to employees or members of your organization."
So you can distribute the app among your company employees directly without need to submit it on app store. That would surely be a better option.
For more details on iOS Developer Enterprise Program, you can check out this link..
iOS Developer Enterprise Program
This isn't a coding question, but is to to do with beta testing my app and so I think it's relevant for here.
I want to give my app to people to try, such as online friends and my parents, neither of whom live anywhere near me. Am i able to provision an iPod Touch or iPhone for testing my app, and put the app onto that iPod or iPhone without doing it directly from my computer?
Yes, you need to generate an Ad-Hoc build. You get the beta testers to send you the UDID for their phones, then build an Ad-Hoc build targeting those devices and email it to them. They install it by dragging it into iTunes and then syncing their phone.
In reality it can be a bit of a trial the first time you generate an Ad-Hoc build. Apple's docs cover all the facts but lack a simple step-by-step guide. I'd strongly suggest you check out TestFlight - it's free to use and it makes the whole process much easier.
(If you're feeling really adventurous you could try out Anticipation, a simple Ad Hoc distribution tool I wrote that runs on Google App Engine. It's free and open source, so help yourself!)
You are looking for Ad Hoc Distribution in Provisioning Portal. Basically, you will need to create an Ad Hoc Distribution Profile that has the Unique Device ID's of the devices your friends will use to test.
In Xcode, you will build your app with the above-mentioned distribution file using Build and Archive. When You open Organizer and click on the archived app, you will choose Share -> Email. This will open your mail client and attach the .ipa and the correct distribution file for your users to drop onto iTunes and Sync.
You want to look in to Ad Hoc Distribution. You'll create an Ad Hoc Distribution Provisioning Profile on the Provisioning Portal, then Build & Archive, then "Share" the archive signed with your Ad Hoc profile.
Check out this article, it walks you through it and shows a nice way to distribute it online. Note that you have to repeat the process every time you make a change to your app or add a new device to the profile.
You have to create an ad-hoc version of your app.
You need to get the UUID of the users devices. Erica Sadun created an app that helps you doing this. It gets the uuid on the device and emails it to you. Those UUID goes into a special provisioning profile you create in the provisioning center on dev.apple.
For ad hoc deployment I use Hockey Framework. Some php files you put on your webserver with the ad hoc version and the provisioning profile.
Beta testers can then install the app by visiting the website with their devices.
I'm part of the design (I've had experience with python, php, jquery, and java, but never ObjC) team for our application and was handed off some of the developer responsibilities with our iPhone developer went on his vacation. From the developer, I have the project source, his p12 private key, and the mobileprovision file.
Already, I've encountered this error when attempting to build the application on a device:
Code Sign error:
The identity 'iPhone Developer: xxxxxx xxxxx (xxxxxxxxxx)' doesn't match any valid
certificate/private key pair in the default keychain
despite XCode apparently recognising the distro and keychain (I used security import xx.p12 -k ~/Library/Keychains/login.keychain to import the p12 file; and there are both the private key and the iPhone Distribution: xxxx xxxxxxx certificate in the keychain GUI.
This I am pretty sure I can solve, but my main concern is whether I can add new UDIDs for the beta tests, which are occurring next week. The methods I've seen all involve adding devices via Apple's dev centre, and then downloading; i.e. no way to add UDIDs locally. Our developer is running it off of his personal Apple Dev license ($99 one), which we don't have the password for.
So main question: is there any way to add UDIDs to our distro WITHOUT using the Apple dev centre (i.e. locally), or worse case, can I register my account as an apple developer and then add the UDIDs to that new account to distribute?
Without being able to access his Developer account there is no way for you to create new provisioning files (for extra UUID's) for his account. To add more UUID's you will have to create your own account and setup the project with those certificates and provisioning files.
Of course you could ask the developer to add the UUID's to his account and create a new provisioning file for you. It just depends how many of his 100 UUID's per year he has used up.
If you sign up for your own account, read up on ad hoc distribution. Apple has plenty of documentation. The following chapters will be of use:
Managing Devices and Digital Identities
Distributing Applications
......but sometimes guides are easier to follow.
Nope. The only way to add new UDIDs is via iTunes connect.
You'll have to contact your developer and either ask him for the password, or tell him the UDIDs so he can regenerate the profiles.
If you have the full source code, and an apple developer account, you could create a private beta test.
You will need to build and code sign your app with a Ad-Hoc Distribution Profile.
The limit is 100 devices, but you can produce multiple Ad-Hoc Distribution Profiles.
Each Ad-Hoc Profile can be attached to a select number of devices.
When Devices are added - you will need to get a new Ad-Hoc Provisioning Profile to distribute, but that should get you through a limited beta test.
If you need more information - send me a quick message. (You may have some issues helping your beta - testers install on VISTA and Windows-7) so learn about IPA files.
"So main question: is there any way to add UDIDs to our distro WITHOUT using the Apple dev centre (i.e. locally), or worse case, can I register my account as an apple developer and then add the UDIDs to that new account to distribute?"
I think I'm just cloudy on how debugging works on a real device - is that how to go about it? I've been reading through Apple's docs on creating provisioning profiles for distribution, but I'm not finding any information for simply debugging my app, which is running on my device, through Xcode. Can someone point me in the right direction?
Edit (2/19/09):
I'm getting conflicting answers on whether or not I need to create an ad-hoc provisioning profile to debug my app. If I don't need to create an ad-hoc provisioning profile, what else do I have to do to debug my app, other than having my development provisioning profile and certificate for myself?
Edit (2/20/09):
This link, iPhone Development Guide: Preparing Devices for Development, seems to say that you do need a development provisioning profile for debugging on a device. In my last edit, I mentioned that I was getting conflicting answers on whether or not I need to create an ad-hoc provisioning profile. The answers are not conflicting, I just didn't understand the difference between an ad-hoc provisioning profile and a development provisioning profile.
Any time you're writing software to be installed on an iPhone, you need two things: a key and a provisioning profile. The key identifies the person who developed the application; it stays on your computer and is used to sign the apps you build. The profile identifies which devices are allowed to run applications signed by a given key; it needs to be installed onto the device.
Distribution keys are basically one per company, and are only meant to be used when you are building a version of an app that's intended to be distributed outside your development team. (App Store builds must be signed with a distribution key.) Development keys are intended to be one per developer, but are only meant to be used when actively developing an app.
(If you are an individual developer, of course, you have only one developer key and one distribution key. On my machine, I've set up Keychain to require a password for the distribution key, so even if somebody steals my laptop they can't release an update to one of my apps that compromises user security. The developer key, which can only install software onto my personal phone, is not passworded.)
When you're testing on your own personal device and installing through Xcode, you need a development provisioning profile and a development key. This development profile should be installed into Xcode, which will then install it onto your phone.
When you're distributing to a small number of others (for example, for beta testing, or if you wrote an app that's specialized for a specific customer), you need an ad-hoc profile and a distribution key. You'll need to send the ad-hoc profile to the user along with the app. The user can then drop both the profile and app into iTunes and sync their phone to install.
When you're distributing through the App Store, you need an App Store profile and a distribution key. Builds made in this way cannot be run on any device you control, but Apple's submission tools require them to be built using this profile.
So to answer your question: You need to provision your device, but it has to be a development provisioning profile, not an ad-hoc profile.
No, you don't need an Ad Hoc provisioning profile to debug an app, you only need a development provisioning profile and certificate for yourself on your device.
You need to provision the device, yes. IIRC you need to use Apple's online tool, and then provision it using Xcode, after which you will be able to debug it on the device.
See the first post on this blog for more.