Preparing your infrastructure to deploy in-house apps
The first time a user opens an app, the distribution certificate is validated by contacting Apple’s OCSP server. If the certificate has been revoked, the app won’t launch. To verify the status, the device must be able to reach ocsp.apple.com.
The OCSP response is cached on the device for the period of time specified by the OCSP server—currently, between 3 and 7 days. The validity of the certificate isn’t checked again until the device has restarted and the cached response has expired. If a revocation is received at that time, the app won’t launch.
WARNING: Revoking a distribution certificate invalidates all of the apps you’ve signed with it. You should revoke a certificate only as a last resort—if you’re sure the private key is lost or you think the certificate has been compromised.
Construct your website
Upload these items to an area of your website that your authenticated users can access:
The app (.ipa) file
The manifest (.plist) file
Your website can be a single page that links to the manifest file. When a user taps a web link, the manifest file is downloaded, which triggers the downloading and installation.
Here’s a sample link:
<a href="itms-services://?action=download-manifest&url=https://example.com/manifest.plist">Install App</a>
Don’t add a web link to the archived app (.ipa). The .ipa file is downloaded by the device when the manifest file is loaded. Although the protocol portion of the URL is “itms-services,” the App Store isn’t involved in this process.
Also make sure your .ipa file is accessible over HTTPS and that your site is signed with a certificate that’s trusted by iOS and iPadOS. Installation fails if a self-signed certificate doesn’t have a trusted anchor and can’t be validated by the device.
Set server MIME types
You may need to configure your web server so the manifest file and app file are transmitted correctly.
For the server, add the MIME types to the web service’s MIME types settings:
For Microsoft’s Internet Information Server (IIS), use IIS Manager to add the MIME type in the Properties page of the server:
Network configuration requirements
If a device is connected to a closed internal network, you must let it access the following:
https://ax.init.itunes.apple.com: The device obtains the current file-size limit for downloading apps over the cellular network. If this website isn’t reachable, installation may fail.
https://ppq.apple.com: The device contacts this website to check the status of the distribution certificate used to sign the provisioning profile.
Preparing a proprietary in-house app for wireless distribution
To prepare your proprietary in-house app for wireless distribution, you build an archived version (a .ipa file), and a manifest file that enables wireless distribution and installation of the app.
Use Xcode to create a versioned archive of your app, and then export the app for distribution to the organization. Xcode uses the distribution certificate and includes the appropriate provisioning profile.
Create a manifest file
The manifest file is an XML property list (.plist file) used by Apple devices to find, download, and install apps from your web server. The manifest file is created by Xcode, using information you provide when you share an archived app for distribution to an organization. To view the list of attributes and associated values, see Install Application Command on the Apple Developer website.
Troubleshooting wireless app distribution
If wireless app distribution fails with an “unable to download” message:
Make sure the app is signed correctly. Test it by installing it on a device using Apple Configurator 2, and see if any errors occur.
Make sure the link to the manifest file is correct and the manifest file is accessible to web users.
Make sure the URL to the .ipa file (in the manifest file) is correct and that the .ipa file is accessible to web users over HTTPS.
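The last two checks above can be scripted before a link is published. This Python sketch is an added example, not Apple's code: it extracts the manifest URL from an itms-services link and flags any manifest asset URL that isn't HTTPS. The sample manifest is constructed, and its items/assets/metadata key layout is assumed to match the manifest Xcode exports.

```python
import plistlib
from urllib.parse import parse_qs, urlsplit

# Constructed sample manifest (not from the page); key layout is an assumption.
# Its .ipa URL is plain HTTP on purpose so the check has something to report.
SAMPLE_MANIFEST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>items</key><array><dict>
  <key>assets</key><array><dict>
    <key>kind</key><string>software-package</string>
    <key>url</key><string>http://example.com/apps/demo.ipa</string>
  </dict></array>
  <key>metadata</key><dict>
    <key>bundle-identifier</key><string>com.example.demo</string>
    <key>bundle-version</key><string>1.0</string>
    <key>kind</key><string>software</string>
    <key>title</key><string>Demo</string>
  </dict>
</dict></array>
</dict></plist>"""


def manifest_url_from_link(href):
    """Extract the manifest URL from an itms-services install link."""
    parts = urlsplit(href)
    query = parse_qs(parts.query)
    if parts.scheme != "itms-services" or query.get("action") != ["download-manifest"]:
        raise ValueError("not an itms-services download-manifest link")
    if "url" not in query:
        raise ValueError("link has no url parameter")
    return query["url"][0]


def check_manifest(data):
    """Return a list of problems with the asset URLs in a manifest."""
    problems = []
    items = plistlib.loads(data).get("items", [])
    if not items:
        problems.append("manifest has no items")
    for item in items:
        assets = item.get("assets", [])
        if not any(a.get("kind") == "software-package" for a in assets):
            problems.append("item has no software-package asset")
        for asset in assets:
            url = urlsplit(asset.get("url", ""))
            if url.scheme != "https" or not url.hostname:
                problems.append(f"{asset.get('kind')}: URL is not HTTPS: {asset.get('url')}")
    return problems
```

The script only inspects the link and the manifest contents; whether the server's certificate is trusted by the device and whether the files are reachable still has to be tested from a device on the target network.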