2. Configure the policy console for securing iOS apps
Before you can secure iOS-based apps, you must configure the policy console to do so. Each of these settings is available in the policy console Settings page, iOS tab.
The following procedures assume that you have knowledge of provisioning profiles for iOS apps and how they work with the policy console. If you are not familiar with these concepts, please see About iOS Provisioning and Blue Cedar.
- (Required) Point the policy console to the signing server you just set up.
- (Required) Enter the bundle seed ID you used while provisioning your Mac for iOS development.
Once the policy console is set up, you can use signing profiles to specify provisioning profiles and certificates. See Using and configuring signing profiles for details.
Pointing the Policy Console to the signing server
Find the signing server’s IP address.
$ ifconfig
Make a note of the Ethernet inet address.
In the policy console, under Settings > iOS > iOS apps signing server for apps secured with Blue Cedar, specify the signing server by providing a server hostname and username.
Select an authentication method for connecting to the signing server—either supply the password or generate an SSH key. If you generate an SSH key, follow the on-screen instructions to configure the signing server to trust it.
At the bottom of the page, click Apply.
Entering the bundle seed ID
Under Bundle Seed ID, type the bundle seed ID you want to use. The bundle seed ID is a 10-character string generated by Apple, usually identical to your Apple team ID. You can find your Team ID on the Apple Developer Membership page.
At the bottom of the page, click Apply.
Choosing a global code signing type
Signing apps with the policy console describes the options for app signing:
- Sign the app on the console, using the configured app-signing parameters.
- Export an archive of the app and all signing settings for code signing externally.
- Disable code signing to sign all apps yourself (instead of having the policy console sign the apps).
Under Code signing type, select the signing type from the menu.
At the bottom of the page, click Apply.