Trouble with o.t.a. distribution from a secure server

Thank you Colin, but my problem is NOT iOS 7-specific. And our server's certificate is valid and recognized.

How are you building your files? I use this Mac app:

https://itunes.apple.com/us/app/betabuilder-for-ios-apps/id415348946?mt=12

I just drag the IPA on to that app, type in the final URL for the files, and it builds all the files needed. I usually have the server mounted on my desktop, so I can build the files straight into the right folder. Sometimes though that can lead to permissions issues, and I have to repair those. A way around the permissions issues is to build to a local folder and then FTP up to the server folder. I think that works with less risk of messing up the permissions.

After the first time with any given app I can then just pick it from the Recent menu, no need to even drag the IPA file onto Beta Builder.

Colin, just to be clear before I try your suggestion: are you having success with o.t.a. downloads from secure servers (i.e.with the .ipa on a https:// server) ?   If so, with which iOS versions?

No, because iOS 7 doesn’t like our server certificate. I’m still trying to get our IT person to replace the certificate with a certified authority one, to see if that helps.

My work around for now is to use HTTP://. iOS 7.1 still won’t work, because it demands HTTPS://, but at least iOS 6 and 7.0 users can install the apps, even with the shady certificate.

Colin, I did some tests with 7.1 today and here's what I found:

With iOS 7.1, html and manifest.plist files MUST be on a secure server. The .ipa MUST NOT be on a secure server for the download to work!

This, to me, is buggish behavior and I'm hoping to get some clarity from Apple in the next few days.

If you can get different results with the .ipa on https, please post here.

i use dropbox for https install 🙂

create folder and 3 files - html, plist and ipa

create shared link for each file and change https://dropbox.com to https://dl.dropboxusercontent.com inside html to plist and inside plist to ipa

this is legal freeware and working solution. just update your files - shared links will be the same after file updating 🙂 work successful with 7.1

Thank you Anton. But why should this not work on a private https server?

I dont said that 🙂 I just mentioned that u can use dropbox if dont have own https

I know that you didn't say that. I ASKED that! 😉

I still think there may be a certificate issue, and dropbox most likely are using good certificates.

Colin, thanks but it can't be THAT hard to have a good certificate. And a bad certificate is immediately noted, in any event, by good browsers. Anyway the certificates on the servers I'm playing with are quite good.

I'm now investigating a MIME-type issue on various server types.

This turns out to be an easy, but hard to find, solution. If the .ipa is served by Microsoft's IIS server software v6.0 or later, the MIME-type settings must include .ipa as 'application/octet-stream'. Otherwise no file is served. Safari on iOS then just gives a dumb 'Cannot download ..." message.  Apache servers are a little smarter -- they'll deliver in any event.

So this is not really a http - https issue. I was fooled because my https attempts were all happening from IIS servers that weren't set up properly. It's also not a certificate issue, or either really a iOS 7.1 issue. I guess it works from Dropbox because they run Apache or a properly MIME-typed IIS server.

Thanks for reporting back. I guess our server already had the MIME issues sorted out, I only had to user the right certificate.