I know that in general installation via HTTPS is working but somehow it doesn't in my Environment.
The itms-service link is HTTP as far as I understood:
itms-services://?action=download-manifest&url=http://' . $_SERVER['SERVER_NAME'] . $downloadLink
The links in the .plist are then HTTPS
<key>assets</key>
<array>
<dict>
<key>kind</key>
<string>software-package</string>
<key>url</key>
<string>https://app.ipa</string>
</dict>
<dict>
<key>kind</key>
<string>full-size-image</string>
<key>needs-shine</key>
<true/>
<key>url</key>
<string>https://image_512x512.png</string>
</dict>
<dict>
<key>kind</key>
<string>display-image</string>
<key>needs-shine</key>
<true/>
<key>url</key>
<string>https://image_57x57.png</string>
</dict>
</array>
But the app won't install. I always get the message "App could not be loaded"
All URL's are reachable with HTTP & HTTPS.
XCode shows the app log
unknown securityd[2331] : CFReadStream domain: 12 error: 8
What am I doing wrong here?
Thx
The problem is that the Certificate Authority needs to be known by the iPad.
If you distribute Apps with HTTPS and the CA Server is your own, you need to install the certificate on the iPad. Otherwise iOS will try to download it.
You can install it sending it via email to your iPad or create a .pem File from the Keychain Access program and host it on your server for installation purposes. Then open it with Safari and iOS will ask you to accept it.
Then the installation works. But beware of using .htaccess as using HTTPS and HTTP together in the installation process seems to trigger the login/password for every request, which are 4 for images, .ipa and .plist, which is really annoying.
[EDIT] Please keep in mind that you need to refer to the .plist file only with HTTPS since Apple introduced iOS 7.1.