We currently have our Xcode server set up for our CI build.
When trying to download the builds on a device i am greeted with 'Cannot connect to server.local' when visited over SSL.
When i try to download over http i am created with 'cannot install application because the certificate for server.local is not valid'
I believe this is to do with the the SSL validation for OTA downloads within iOS 7.1 however i am using a self assigned certificate.
Is this a bug or a limitation of Xcode server. Do we need a certificate that is not self assigned?
Thanks
Dan
Your best solution is to create a custom CA and install that on the device and then create a certificate for your specific domain and install that on the Xcode server.
First create a CA.
openssl genrsa -out Custom-CA.key 2048
openssl req -x509 -new -key Custom-CA.key -out Custom-CA.cer -days 730 -subj /CN="Company Name Certificate Authority"
Now you need to create a certificate signed with the above authority.
IMPORTANT: server.local
should be replaced by whatever your host name of the machine is (the original question was using server.local
). IP addresses will not work.
openssl genrsa -out xcode-server.key 2048
openssl req -new -out xcode-server.req -key xcode-server.key -subj /CN=server.local
openssl x509 -req -in xcode-server.req -out xcode-server.cer -CAkey Custom-CA.key -CA Custom-CA.cer -days 730 -CAcreateserial -CAserial xcode-server_serial.txt
You then need to install Custom-CA.cer
on all devices you want to use with the server. The easiest way is to email the Custom-CA.cer
to those devices.
In OS X server you need to import the Custom-CA.cer
, xcode-server.key
and xcode-server.cer
and use the server.local
certificate as the servers SSL certificate.
(Info from this guide)
E.g. If you machine host name was xcodeserver.companyname.com
you would put /CN=xcodeserver.companyname.com