Unsupported content

 

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments. Click here to view the documentation for the current version.

Re-signing and rebranding BMC MyIT for Apple iOS

This topic was edited by a BMC Contributor and has not been approved.  More information.

The following process describes how to re-sign and rebrand BMC MyIT so that you can deploy a customized mobile app to end users who use Apple iOS devices. The mobile application is built using Swift and  Objective-C for both 32- and 64-bit architectures.

Note

When you upgrade BMC MyIT, rebranding changes do not persist. Before you upgrade, create a backup so that you can restore your changes after the upgrade.

If you need assistance with rebranding the application, contact BMC Support, or contact your account team.

The process involves the following procedures:

Before you begin

You must be a member of the Apple Enterprise Program to obtain the required development tools from the Apple Developer Portal. See the following resources for more information:

  • Apple Enterprise Program application—Apple requires you to be a company or organization with a D-U-N-S number to apply. An enterprise account allows you to distribute the rebranded application internally. An organization account enables you to distribute applications through the Apple store only.
  • Apple Developer Portal—Contains the development tools and documentation for developing Apple iOS apps.
  • Managing Your Team—Describes how to assign appropriate team roles. To complete the following procedures, you must assign the Team Agent role to the user who will create the certificate.
  • Accessing Member Center and iTunes Connect—See especially the "Managing Your Certificates, Identifiers, and Profiles" section.

Installing Xcode and the Apple root certificate

You are required to perform this procedure only once.

  1. On an Apple computer running MacOS, install the free Xcode from the App Store.
    Xcode developer tools cannot be used on an iPad, iPhone, or other iOS device.
  2. Install the Apple root certificate:
    1. Go to http://www.apple.com/certificateauthority/.
    2. Download the Apple Inc. Root Certificate.
    3. Double-click the file, and install it in the Keychain (login).

Creating an enterprise distribution certificate to re-sign BMC MyIT

  1. Log on with the Team Agent role to the iOS Provisioning Portal at https://developer.apple.com/devcenter/ios/index.action.
  2. In the Certificates section, click the plus sign (+) to add the certificate.
  3. In the Production section, select In-House and Ad Hoc.
  4. Generate a certificate signing request (CSR) by using the Certificate Assistant.
    Follow the instructions that Apple provides on the CSR screen.
  5. Upload the CSR to the iOS Provisioning Portal, and download the distribution certificate.
  6. Save the certificate, and open it with the Key Chain Access application.
    You will use this certificate to sign iOS applications.
  7. To export the certificate to a different build, save it in .p12 format:
    1. In Key Chain Access, go to the My Certificates section.
    2. Right-click the downloaded certificate, and click Export.
    3. Save the certificate in .p12 format, and provide a secure password when required.

Creating an application ID for your version of BMC MyIT

  1. Log on with the Team Agent role to the iOS Provisioning Portal.
  2. In the Identifiers section, click the App IDs tab.
  3. Click the plus sign (+) to add a new identifier.
  4. In the Description field, type a name that will easily identify your application to you within the portal (for example, Calbro MyIT).
  5. Make a note of the App ID Prefix (Team ID), which you will use in the re-signing process.
  6. Select Explicit App ID, and enter a unique identifier in the Bundle ID field (for example, com.customername.MyIT).
  7. Make a note of the Bundle ID for the re-signing process.
  8. In the App Services section, leave the defaults as they are, but ensure that Push Notifications is selected.
  9. Click Continue.
  10. Click Done to return to the Identifiers list.

Creating an in-house distribution provisioning profile

  1. Log on with the Team Agent role to the iOS Provisioning Portal.
  2. In the Provisioning section, click the Distribution tab.
  3. Click the plus sign (+) to add a new profile.
  4. On the Create iOS Provisioning Profile page, complete the following steps:
    1. For Distribution Method, select In House.
    2. Select the distribution certificate that you created.
    3. Select the App ID that you created.
  5. Download the provisioning profile.
    You can use this profile to build the application for in-house deployment.

Creating an Apple Push Notification Service (APNS) certificate

  1. Log on with the Team Agent role to the iOS Provisioning Portal.
  2. In the Certificates section, click the Production tab.
  3. In the top-right corner, click the plus sign (+).
  4. Select Apple Push Notification Service SSL (Production).
  5. Select the App Prefix ID (Team ID) that you created.
  6. Generate a certificate signing request (CSR) by using the Certificate Assistant.
    Follow the instructions that Apple provides on the CSR screen.
  7. Double-click the certificate to download it and import it into your Keychain.

Re-signing the BMC MyIT.ipa file with your enterprise credentials

  1. Unzip the ipa file.
    In the terminal application, enter the following commands, replacing /path/ with a specific path on your system; for example, /User/bill/MyIT-working/...:.

    mkdir /path/MyIT-ResignDir
    cd /path/MyIT-ResignDir
    unzip –oq /path/MyIT.ipa
  2. Clear out the previous build files.
    Still in the terminal application, enter the following commands.

    rm -rf "$(getconf DARWIN_USER_CACHE_DIR)/org.llvm.clang/ModuleCache"
    rm -rf ~/Library/Developer/Xcode/DerivedData
    rm -rf ~/Library/Caches/com.apple.dt.Xcode
    
  3. Resign the swift code dylibs with the following script.

    #!/bin/sh
    
    # Usage: ./sign.sh INPUT.ipa OUTPUT
    PROVISION.mobileprovision IDENTITY_NAME ENTITLEMENTS
    
    # Reading parameters
    INPUT=$1
    OUTPUT=$2.ipa
    MOBILE_PROVISTION=$3
    CER_NAME=$4
    
    # ENTITLEMENTS=$5
    
    # Cleaning working env
    rm -r Payload SwiftSupport
    
    # Unpackaging app
    unzip -q $INPUT
    APP=`ls Payload | tail -1`
    
    # Replacing mobile provision
    echo "Deleting original
    embedded.mobileprovision"
    rm "Payload/$APP/embedded.mobileprovision"
    echo "Copying embedded.mobileprovision"
    cp "$MOBILE_PROVISTION" "Payload/$APP/embedded.mobileprovision"
    
    # Resigning ipa
    echo "Re-sign by $CER_NAME"
    
    # Resigning dylibs
    if [ -e Payload/$APP/Frameworks ]
    then
      for dylib in "Payload/$APP/Frameworks/*"
      do
        codesign -f -s "$CER_NAME" $dylib
      done
    fi
    
    # Resigning app
    codesign -f -s "$CER_NAME" "Payload/$APP"
    
    # Cleaning output env
    rm -r "$OUTPUT"
    
    # Packaging ipa
    echo "Packaging ipa"
    zip -qr "$OUTPUT" Payload
    echo "Re-signed ipa $OUTPUT"
  4. In Xcode, create a MyIT.entitlements file in the /path/MyIT-resign-ipa directory, and add the following lines.
    You can download a copy of MyIT.entitlements to use as a starting point.

    MyIT.Entitlements
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
    	<key>application-identifier</key>
    	<string>ABCDE-ID.com.bmc.bsmapps.MyIT</string>
    	<key>aps-environment</key>
    	<string>production</string>
    	<key>get-task-allow</key>
    	<false/>
    	<key>keychain-access-groups</key>
    	<array>
    		<string>ABCDE-ID.com.bmc.bsmapps.MyIT</string>
    	</array>
    </dict>
    </plist>

    In the sample file, perform the following actions:

    • Replace the value for the application-identifier key with your team prefix and App ID.
      For example, where ABCDE-ID.com.bmc.bsmapps.MyIT appears, replace it with TEAMBUNDLEID.com.companyName.MyIT.

    • Replace the value for the keychain-access-groups key with your team prefix and App ID.
      For example, where ABCDE-ID.com.bmc.bsmapps.MyIT appears, replace it with TEAMBUNDLEID.com.companyName.MyIT.

  5. Perform the steps to customize the visual design.
    See Rebranding BMC MyIT iOS client.
  6. Place the provisioning profile that you created into the /path/MyIT-ResignDir folder , and rename the file to MyIT.mobileprovision.
    See Creating your in-house distribution provisioning profile for details about creating your own provisioning profile.
  7. Set the bundle ID (see the Apple Developer Site for more information), where CompanyDomain is your domain in reverse DNS format (for example, com.acme), and MYIT-APPNAME is the unique internal application name for BMC MyIT (for example, MyIT-Acme):

    cd /path/MyIT-ResignDir
    /usr/libexec/PlistBuddy -c "Set CFBundleIdentifier CompanyDomain.MYIT-APPNAME" ./Payload/MyIT.app/Info.plist
  8. Set the application name displayed on the iOS devices, where ApplicationName is the name of your MyIT application (for example, MyIT or AcmeMyIT):

    cd /path/MyIT-ResignDir
    /usr/libexec/PlistBuddy -c "Set CFBundleDisplayName ApplicationName" ./Payload/MyIT.app/Info.plist
  9. Set the default BMC MyIT server to your BMC MyIT server, where SERVER is your BMC MyIT server name (for example, MyIT.acme.com):

    cd /path/MyIT-ResignDir
    /usr/libexec/PlistBuddy -c "Set myit-server SERVER" ./Payload/MyIT.app/Info.plist
  10. Set the default port for your BMC MyIT server, where PORT is the TCP port for clients to access the server (for example, 80 or 443):

    cd /path/MyIT-ResignDir
    /usr/libexec/PlistBuddy -c "Set myit-port PORT" ./Payload/MyIT.app/Info.plist
  11. Replace the mobile provision file:

    cd /path/MyIT-ResignDir
    cp "MyIT.mobileprovision" "./Payload/MyIT.app/embedded.mobileprovision"
  12. Remove the the BMC code signature:

    cd /path/MyIT-ResignDir
    rm -r "./Payload/MyIT.app/_CodeSignature" "./Payload/MyIT.app/CodeResources"
  13. Re-sign the IPA. Replace BMC Software, Inc. with the name of your organization.

    cd /path/MyIT-ResignDir
    /usr/bin/codesign -f -s "iPhone Distribution: BMC Software, Inc." --entitlements “./MyIT.entitlements" "./Payload/MyIT.app"
  14. Create the IPA zip file:

    zip -qr "MyIT-rebranded.ipa" Payload

Rebranding the Applie iOS client for BMC MyIT

Making changes to the visual design files is not part of the re-signing process.

  1. Create the new graphic files according to the specifications in icon graphics and splash screen graphics.

  2. Create a folder for the icons (new_icons) and a folder for the splash screens (new_splash), and put the graphic files into those folders.

  3. Copy the icons into the application by using the following commands:
    cp -r new_icons/. Payload/MyIT.app/
    cp -r new_splash/. Payload/MyIT.app/
  4. Configure any of the built-in flags for rebranding, as in the following example:
    cd /path/MyIT-ResignDir
    /usr/libexec/PlistBuddy -c "Set CFBundleDisplayName $appName" Payload/MyIT.app/Info.plist
    /usr/libexec/PlistBuddy -c "Set myit-server $server" Payload/MyIT.app/Info.plist
    /usr/libexec/PlistBuddy -c "Set myit-port $serverport" Payload/MyIT.app/Info.plist
    /usr/libexec/PlistBuddy -c "Set myit-user $username" Payload/MyIT.app/Info.plist
    /usr/libexec/PlistBuddy -c "Set myit-pass $password" Payload/MyIT.app/Info.plist
    /usr/libexec/PlistBuddy -c "Set theme-dark $themecolor" Payload/MyIT.app/Info.plist
    /usr/libexec/PlistBuddy -c "Set navItemUpdates $navItemUpdates" Payload/MyIT.app/Info.plist
    /usr/libexec/PlistBuddy -c "Set navItemAppzone $navItemAppzone" Payload/MyIT.app/Info.plist
    /usr/libexec/PlistBuddy -c "Set hideReserve $hideReserve" Payload/MyIT.app/Info.plist

Icon graphics

The following table lists all supported icon sizes. For more information about required and recommended icons, see https://developer.apple.com/library/ios/documentation/UserExperience/Conceptual/MobileHIG/IconMatrix.html#//apple_ref/doc/uid/TP40006556-CH27-SW2 in the Apple iOS developer documentation.

Graphic
Size in pixels

File name

Usage

58x58AppIcon@2x.png

iPhone - Settings

80x80AppIcon80x80@2x.pngiPhone - Spotlight
120x120AppIcon120x120@2x.pngiPhone App Icon
180x180AppIcon180x180@3x.pngiPhone App Icon
40x40AppIcon40x40.pngiPad Settings
80x80AppIcon80x80@2x.pngiPad Settings
40x40AppIcon40x40~ipad.pngiPad Spotlight
80x80AppIcon80x80@2x~ipad.pngiPad Spotlight
76x76AppIcon76x76~ipad.pngiPad App Icon
152x152AppIcon76x76@2x~ipad.pngiPad App Icon

Splash screen graphics

GraphicSize in pixels

File name

Display is not the actual size.

640 x 1136Default-568h@2x.png

Display is not the actual size.

1024 x 768Default-Landscape~ipad.png

Display is not the actual size.

768 x 1024Default-Portrait~ipad.png

Display is not the actual size.

768x1024 Default@2x.png

Display is not the actual size.

1536 x 2048Default-Portrait@2x~ipad.png

Display is not the actual size.

640 x 1136LaunchImage-700-568h@2x.png

Flags for rebranding

The following flags are built into the application for rebranding.

FlagDescription
appNameThe name of the app is displayed under the icon and throughout the app.
serverThe app will auto-connect to this server.
serverportWhen the app auto-connects to the server, it connects to this port.
usernameThe app will auto-login with this user name.
passwordThe app will auto-login with this password.
themecolorThis color applies to several UI elements throughout the app.
navItemUpdatesChange the name of the "Updates" feature in the app navigation menu.
navItemAppZoneChange the name of the "AppZone" feature in the app navigation menu.
hideReserveDo not allow the ability to reserve locations.

Replacing the BMC MyIT APNS certificate with your APNS certificate

  1. Log on to the server that hosts the BMC MyIT server.
  2. Stop the Apache Tomcat instance that executes the BMC MyIT server.
  3. Find the external-conf folder under the Tomcat home folder.
  4. Create a subfolder called certification.
  5. Place the p12 file containing your APNS certificate into the certification subfolder.
  6. Log on to the Oracle or Microsoft SQL database used for BMC MyIT.
  7. Go to the PUSH_NOTIFICATION_CERT table, and query for records. 
  8. (If you are changing the iOS APNS certificate) Perform the following actions:
    1. In the iOS_Cert field, replace the current value (BMCiOSAPNSMyITMobile.p12 by default) with the name of the p12 file that contains your new APNS certificate.
    2. In the iOS_Password row, replace the current password with the password of your p12 file. (Enter it in plain text.)
  9. Click Save
  10. Start the Tomcat instance.


    Any notifications to iOS devices from your server (or tenant in multitenant environments) are sent using the new certificate.

Was this page helpful? Yes No Submitting... Thank you

Comments