1

I just try to understand the process of deploying enterprise apps.

My app is on a webserver which is accessable from the outside as well, which gives me the possibility to install the app at home. This seems like a security breach for Apple, I mean anyone could make a website which offers enterprise apps to any device. What is the limitation here ?

I couldn't find any information about this in the apple documentation, an official link would be great.

Trantec
  • 397
  • 1
  • 4
  • 14

2 Answers2

3

It is against the terms of use to distribute enterprise applications outside of your registered organization. If Apple finds out, your account will surely be terminated.

From THE FAQ

The iOS Developer Enterprise Program only allows you to distribute your apps to employees or members of your organization through Ad Hoc distribution.

borrrden
  • 33,256
  • 8
  • 74
  • 109
  • I read the FAQ as well, I think it is strange that there is no technical limitation. But there has to be one, otherwise there would be many illegal AppStores that offer enterprise apps. – Trantec Jun 06 '13 at 09:57
  • The limitation is, they can delete the account that signs the illegal apps, and the certificates should stop working too. Not sure if the apps will stop working immediately, but you have to sign the apps again every year. If it is easy for you to find an illegal app store, so it's for apple. – jcesarmobile Jun 06 '13 at 10:09
1

There is no limitation You shouldn't distribute the app to people who doesn't work in your enterprise, but apple can't control it. (to be clear, they can know if you are using the certificate, but they can't know if the people who installs the app work for you)

The only "limitation" is the fear to be discovered by apple because they will delete your account.

BTW, the security breach isn't for apple, it's for you, you should use a password in your webserver

From the Distributing Enterprise Apps Guide:

Requirements: A secure web server that authenticated users can access

jcesarmobile
  • 51,328
  • 11
  • 132
  • 176
  • This is wrong and certainly will lead to a termination of the developer account. Apple can check that and they will enforce it. – Till Jun 06 '13 at 09:29
  • Isn't that what he said in the final sentence @Till ? ^^ – borrrden Jun 06 '13 at 09:29
  • Hm, I get what he means. He is saying that there is no builtin mechanism for verify proper usage of the certificate. So technically, you have the ability to distribute wherever you want (risking punishment from Apple if they were to find out). – borrrden Jun 06 '13 at 09:36
  • They can verify the usage of the enterprise certificate, but they can't control if the person who installed the app is an employee or a member of your organization, so technically they can't control the usage of the certificate. They can terminate your account if they discover you are distributing the app to non employees, but it's very difficult to discover – jcesarmobile Jun 06 '13 at 09:48
  • I understand, the security breach is really my problem :) I thought Apple utilizes technical tools to secure their rights, but it seems in this case they do not. I'll removed the app already... – Trantec Jun 06 '13 at 10:16
  • Yes, in fact, in the wireless distribution they say "Requirements: A secure web server that authenticated users can access", so, you shouldn't distribute the apps in a non secure webserver withouth user authentication. http://help.apple.com/iosdeployment-apps/mac/1.1/?lang=en-us#app43ad871e – jcesarmobile Jun 06 '13 at 10:22