On 25 Sep, 2012, at 6:14 AM, IPhone Lover < email@hidden> wrote:
On Mon, Sep 24, 2012 at 9:00 PM, Fritz Anderson <email@hidden> wrote:
Apple issues the distribution profiles and the certificates. It has the expiration dates on file.
I did not get the meaning what you are trying to say?
iOS validates them against Apple servers (which have their own clocks) whenever practical; every 3–7 days for enterprise applications.
Ok, But still did not get the idea of this line.
If the certificate expires, or you revoke it, or the device can't reach ocsp.apple.com, the app won't run, no matter how "clever" you are with the device's clock.
ocsp.apple.com can not open in browser or it could be for their own purpose
Not every machine name is an HTTP server, ocsp.apple.com is a server running a service which validates certificates, so no, you can't open it in the browser. Type 'man ocsp' to see information about Online Certificate Status Protocol. . But i myself tested, i just downloaded the provisioning profile and i made the build with that provisioning profile and run it on iPhone. It was working but whenever i change the date/time for the device exceed to provisioning profile expiry date. it does not run.
Yes that's what he's trying to tell you, this is by design. You started this by stating that it was a 'problem' that if your users change their phone clock time to beyond the end (or the start) of the validity of the certificate then the app won't run. That's how it's supposed to work to make sure that each year (and it's is once a year, not every 90 days by the way) a new enterprise provisioning profile is generated for the app and installed on the devices. Why do you think this is a problem? |