iOS 10 can't install in house apps OTA

After updating a few devices to iOS 10 to test our distribution, we found that we can't install any of our internal applications OTA.


All of our devices are managed. Some are supervised and some are unsupervised. We support from iOS 6 (4th gen iPods) to iOS 10.


The restriction that seems to be cause the problem is for restricting access to the Apple App Store. Previously this meant that the App Store would not show up and you couldn't install apps from the Apple App Store, but could still install our internal applications through either our web portal or an MDM solution. In iOS 10, that restriction is stopping installation OTA through our web portal. Removing the restriction allows OTA installation to work but then the devices have access to the Apple App Store, which is very undesirable for us.


Our OTA installation works using the itms-services:// protocol pointed to a manifest plist. With the restriction in place, it seems to reject this protocol. All previous versions of iOS worked fine. Changing between HTTP and HTTPS for the IPA and manifest plist files, makes no difference.

Replies

We got the same issue and did updated our server to support TLS 1.2 but no luck. Did you do anything else besides the TLS update?

Regards,

Thong

Hi folks,


I would love to hear ANY kind of answer from Apple. There is a radio silence on this forum.


I recorded two logs while installing an app from two different servers. Both servers use TLS 1.2.

Device: iPad mini running iOs 10.2 Beta5. Check this out:


--NON WORKING SERVER--

Dec 5 12:07:07 iPad SpringBoard(FrontBoard)[54] <Info>: [FBSystemService][0x9466] Received request to open "com.apple.AppStore" from ***:81 on behalf of QRReaderiPad:354.

Dec 5 12:07:07 iPad SpringBoard(FrontBoard)[54] <Info>: Pending install synchronization block: <__NSMallocBlock__: 0x1746995a0>

Dec 5 12:07:07 iPad SpringBoard(FrontBoard)[54] <Info>: [FBSystemService] Request from <private> is not trusted.

Dec 5 12:07:07 iPad SpringBoard[54] <Notice>: Received untrusted open application request for "com.apple.AppStore" from <FBApplicationProcess: 0x140183710; QRReaderiPad; pid: 354>.



--WORKING SERVER--

Dec 5 12:10:54 iPad SpringBoard(FrontBoard)[54] <Info>: [FBSystemService][0x46b8] Received request to open "com.apple.AppStore" from ***:81 on behalf of MobileSafari:384.

Dec 5 12:10:54 iPad SpringBoard(FrontBoard)[54] <Info>: Pending install synchronization block: <__NSMallocBlock__: 0x1708823a0>

Dec 5 12:10:54 iPad SpringBoard[54] <Notice>: Received trusted open application request for "com.apple.AppStore" from <FBApplicationProcess: 0x1401ca9c0; MobileSafari; pid: 384>.

Dec 5 12:10:54 iPad SpringBoard(FrontBoard)[54] <Info>: [FBSystemService][0x46b8] Request complete; no error reported.


Hope this contributes a bit more to finding out how to solve this issue.

Kind regards,

Julian

Hi All,


We can't install in-House app through OTA on iOS10 devices.

It's a issue when AppStore Icon is nothing on the home.


Debug logs as follows.


MobileSafari(MobileCoreServices)

com.apple.AppStore is currently restricted and no eligible to open the <private scheme>


We have configured TLS1.2 on OTA server.

But this issue can Not solved.


Please teach us to solve this issue.


Best regards,

EnhDevman

Please check your web server setup. From iOS 10.3 onwards apple has removed the support for SHA-1 signed certificate used for Transport Layer Security (TLS) in Safari and WebKit. For more detail please check this link:


https://support.apple.com/en-in/HT207459

Go to Setting --> General --> About --> Certificate Trust Settings --> enable SSL

It will be helpful for me if you can you please explain this in some detail. I am facing similar problem. My client has MDM iPads which have ios version 10.3.2 and 11.2.6


I am sending app updates using follwing protocol

itms-services://?action=download-manifest&url=<Plist_url_on_my_server>


For device having 10.3.2 its working but for device that has 11.2.6 it's not working

Both device has same MDM policy restriction


What would be the issue? Is that bug on iOS 11.2.6? Anyone who has this solved

There is no such thing. On iOS 10, Certificate Trust Settings only display a version number.