Security concerns about required iOS files within company

Mobile Testing, Android App Testing.
BlindJones
Posts: 54
Joined: Fri May 17, 2019 7:10 am

Security concerns about required iOS files within company

Post by BlindJones » Fri May 17, 2019 7:17 am

Hi everyone,

we would like to use the Ranorex Studio solution to test self-developed iOS apps in our company. However, our development manager expressed security concerns when he learned that the ".mobileprovision" and ".p12" files were required.

Can anyone tell me exactly why these files are needed, what for and what happens to them? Are the files only read and verified locally, or are the files uploaded and verified online in any way? Do anyone else have access to the files but us?

I would be happy if someone could explain this to me briefly.

Thank you very much for your support!

BlindJones

User avatar
RobinHood42
Posts: 324
Joined: Fri Jan 09, 2015 3:24 pm

Re: Security concerns about required iOS files within company

Post by RobinHood42 » Wed May 29, 2019 9:59 am

Hey,

in order to install an app on an iOS device, it has to be signed first. The provisioning profile is a link between the device and the developer account and allows you to install the app on the device directly. This is basically the reason that Ranorex needs the two files. Ranorex doesn't upload it anywhere.

This is a good article that describes it: https://medium.com/@abhimuralidharan/wh ... 987a7c54c2

Cheers,
Robin :mrgreen: