Step five: Downloading an app
Once the app is uploaded and you have obtained the IDs for the policies and profiles, you can secure the app by calling POST app-market/policy. Use the policyIds parameter to pass the per-app policy GUIDs for each policy that you want to apply.
|Signing method||Download or export||What you get|
|SIGN_ON_CONSOLE||An apk or ipa file, secured and signed.|
|SIGN_EXTERNALLY||A zip file containing the secured apk or ipa file, validated signing information, and a signing script. See Exporting for external code signing.|
An apk or ipa file, secured and unsigned.
curl -b c.txt -c c.txt -X GET https://bc.qwe.com/mocana-app-control/rest/app-market/ 0a22067f-d523-4864-8973-3a80f054d884/apk -o AppName.apk
Exporting for external code signing
After you have secured an app with SIGN_EXTERNALLY to be signed outside the policy console, download a zip file that includes:
- A copy of the secured app
- All information required to sign the app
- A simple script (sign.sh) to run on a signing server
The SIGN_EXTERNALLY option requires a signing profile to include with the secured app. Applying the signing profile when you secure requires the policy console to validate the signing parameters for use with your app, even though it does not sign the app.
curl -L -b c.txt -c c.txt \ -X POST https://bc.qwe.com:443/mocana-app-control/rest/app-market/export-for-codesigning -F appId=94c37df7-g996-5fd8-9598-b4ec62f35545 \ -o exported-app.zip
Using the exported zip file
Exporting for code-signing allows you to download a zip file (exported-com.qwe.myapp.zip). To sign the app using the contents of the zip file:
On your signing server, extract the contents of the zip file. (Sign iOS apps on a Mac with Xcode and your code signing identity. Sign Android apps on a server with jarsigner and zipalign installed.)
In the directory with the extracted files, make sign.sh executable:
Run the script:
Optionally, you can specify the output filename, for iOS:
sh sign.sh output_filename.ipa
sh sign.sh output_filename.apk
Note: Do not specify the input filename.
Securing an app involves these steps:
Uploading an app
Creating profiles for the policies you want to apply (Defining security policies (API))
Choosing a code signing type and signing profile (Code signing (API))
Securing the app with those policies and profiles, optionally code signing in the policy console (Wrapping an app (API))
Downloading or exporting the app, optionally code signing outside the console