实现iOS局域网内打包,一键安装证书和内测App
使用apache开启https功能,使用Mac终端命令处理
一、生成证书
1. 进入apache web根目录处理证书命令;
cd /Library/WebServer/Documents
可以在Documents目录下创建一个文件夹,用于存放证书、ipa包、plist文件和html文件;用命令:sudo mkdir iOS 创建一个名为iOS的文件夹,终端输入:cd iOS进入该文件夹,接下来是生成秘钥、生成签署申请、生成服务器私钥和生成给网站服务器签署的证书。
接下来的操作都是在iOS文件夹下,使用终端命令完成:
(1)生成秘钥:输入sudo openssl genrsa -des3 -out app.key 1024
Generating RSA private key, 1024 bit long modulus
.....++++++
.........++++++
e is 65537 (0x10001)
Enter pass phrase for app.key:[这里是输入密码]
Verifying - Enter pass phrase for app.key:[这里再次输入密码确认]
(2)生成签署申请:输入 sudo openssl req -new -key app.key -out app.csr
Enter pass phrase for app.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN[这里是国家,CN中国]
State or Province Name (full name) [Some-State]:Zhejiang[这里是省份,城市,随意输入]
Locality Name (eg, city) []:hangzhou[这里是城市,随意输入]
Organization Name (eg, company) [Internet Widgits Pty Ltd]:zsyx[这里是公司,随意输入]
Organizational Unit Name (eg, section) []:zsyx[这里是组织名称,随意输入]
Common Name (e.g. server FQDN or YOUR name) []:192.168.2.1[这个必须填正确,是你的服务器的域名,或者ip]
Email Address []:123456@163.com[这里是我的邮箱]
please enter the following 'extra'attributes
to be sent with your certificate request
A challenge password []:123456[这里是密码]
An optional company name []:zsw[这里是名字]
(3)生成服务器的私钥:输入sudo openssl rsa -in app.key -out server.key
Enter pass phrase for app.key:[这里输入密码]
writing RSA key
(4)生成给网站服务器签署的证书:输入sudo openssl req -new -x509 -days 3650 -key server.key -out server.crt
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:hangzhou
Locality Name (eg, city) []:hangzhou
Organization Name (eg, company) [Internet Widgits Pty Ltd]:hz ltd
Organizational Unit Name (eg, section) []:rh
Common Name (e.g. server FQDN or YOUR name) []:192.168.2.1[这个必须填正确,是你的服务器的域名,或者ip,必须和上面输入的一致]
Email Address []:zhu410289616@163.com
(5)输入sudo cp server.* /etc/apache2/
(6)测试配置是否成功:输入sudo apachectl configtest
Syntax OK
(7)重启apache:输入 sudo apachectl restart
2.apache开启ssl功能
(1)终端输入:cd /etc/apache2/ 进入该目录下编辑httpd.conf文件(/etc/apache2/httpd.conf和/private/etc/apache2/httpd.conf其实是同一个内容)
终端输入:sudo vi httpd.conf 删除以下四行内容前面的“#”
LoadModule ssl_module libexec/apache2/mod_ssl.so
Include /etc/apache2/extra/httpd-ssl.conf
Include /etc/apache2/extra/httpd-vhosts.conf
LoadModule socache_shmcb_module libexec/apache2/mod_socache_shmcb.so
并且查看ServerName是不是指向 127.0.0.1:80 或者www.example.com:80
(2)终端输入:cd /etc/apache2/extra/ 进入该目录下编辑httpd-ssl.conf文件
终端输入:sudo vi httpd-ssl.conf 删除以下两行内容前面的“#”
SSLCertificateFile "/etc/apache2/ssl/server.crt"
SSLCertificateKeyFile "/etc/apache2/ssl/server.key"
说明:SSLCertificateFile "/etc/apache2/ssl/server.crt"和 SSLCertificateKeyFile "/etc/apache2/ssl/server.key"在你的Mac上可能会显示:SSLCertificateFile "/private/etc/apache2/server.crt"和SSLCertificateKeyFile "/private/etc/apache2/server.key",反正我的电脑上是这样显示的,不用多做修改,只需删除前面的“#”即可
(3)同样在extra文件夹下,编辑httpd-vhosts.conf文件
终端输入:sudo vi httpd-vhosts.conf
该文件内容里会包含两个<VirtualHost *:80> ... </VirtualHost>,需要在第二个后面再加一个 :
<VirtualHost *:80>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/server.crt
SSLCertificateKeyFile /etc/apache2/server.key
ServerName 192.168.2.1[这个必须填正确,是你的服务器的域名,或者ip,必须和上面输入的一致]
DocumentRoot "/Library/WebServer/Documents"
</VirtualHost>
这样就已经配置完成了,运行sudo apachectl configtest命令,检查配置。
Syntax OK 代表成功
可以重启服务器 sudo apachectl restart
到这里服务器就已经支持ssl了,可以打开浏览器访问https://192.168.2.1/iOS,页面会显示:It Works 表示已经配置成功。
说明:https://192.168.2.1/iOS表示访问的是你服务器的iOS文件夹,可以使用快捷键 cmd+shift+G 前往文件夹,输入:/Library/WebServer/Documents,可以看到你创建的iOS文件夹,该文件夹下可以看到刚刚配置的证书。
二、创建plist文件、html文件
1.创建plist文件
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>items</key>
<array>
<dict>
<key>assets</key>
<array>
<dict>
<key>kind</key>
<string>software-package</string>
<key>url</key>
<string>https://192.168.2.1/iOS/app.ipa </string> (说明:你的服务器地址下的ipa文件)
</dict>
<dict>
<key>kind</key>
<string>display-image</string>
<key>needs-shine</key>
<true/>
<key>url</key>
<string>https://192.168.2.1/iOS/app.png</string> (说明:可以随意放一张图片)
</dict>
</array>
<key>metadata</key>
<dict>
<key>bundle-identifier</key>
<string>com.ipeaksoft.pitDadGame</string> (说明:项目的bundle id)
<key>bundle-version</key>
<string>2.1.0</string>(说明:项目版本号)
<key>kind</key>
<string>software</string>
<key>title</key>
<string>内测ipa</string>(说明:这个随意输入)
</dict>
</dict>
</array>
</dict>
</plist>
2.创建html文件(index.html)
<!DOCTYPE HTML>
<html lang-"en">
<meta charset="UTF-8">
<head>
<title>app内测</title>
</head>
<body>
<h1 align="center">安装app内测版本</h1>
<br/>
<br/>
<p align="center">说明:必须先安装证书,再点击安装app</p>
<br/>
<br/>
<div style=font-size:25px align="center">
<font color="blue">
<a href="https://192.168.2.1/iOS/server.crt">1.安装证书</a>
</font>
</div>
<br/>
<br/>
<div style=font-size:25px align="center">
<font color="blue">
<a href="itms-services://?action=download-manifest&url=https://192.168.2.1/iOS/app.plist">2.安装app</a>
</font>
</div>
</body>
</html>
3.打包ipa,收集需要测试的设备UDID创建adhoc证书,打包ipa文件
最后将创建好的plist、html和ipa包导入你的服务器中的iOS文件夹下;
cmd+shift+G前往文件夹,输入:/Library/WebServer/Documents,将文件导入iOS文件夹里即可。
safari浏览器访问:https://192.168.2.1/iOS/index.html 即可实现一件安装app内测包。
中途遇到的坑:安装了证书后,再点击安装ipa时,如果提示“无法连接到192.168.2.1”这个ip地址,这个坑真的让我很无奈,搞了一下午,adhoc文件配了又配,以为是UDID没有加上去,欲哭无泪,最后无意中点击“设置->通用->关于本机->证书信任设置”,看到192.168.2.1这一项没有打开,(MMP)。好了,这个真的有点脑残了,希望你们不要遇到这样的坑!!!
结语:第一次写文章,也是借鉴大神写的这篇内容,有不足之处还望指出,正在努力学习中,觉得有用的同学可以点个赞哦,一起学习,一起成长!
