The following is some information on a potential problem, impact and remediation for customers using iOS for BlueWorx (and potentially other enterprise applications, related to iOS version 15+. In the following we have brought together some relevant information, it falls to customer or their partner to investigate and remediate as they control enterprise app creation and distribution.
With iOS 15 Apple has mandated the use of a new Code Signature Format. Applications built with the prior Code Signature Format will not run on iOS 15. Those apps that fail to comply will receive a message similar to this when trying to launch the application:
This problem has the potential to occur:
If you have built your Neptune Mobile Client using a Apple mac machine running macOS Big Sur operating system then it appears unlikely that you will have this issue. If you have distributed your Neptune (BlueWorx) Mobile Client via the Apple Business Manager program then it is also very unlikely that this issue will affect your app.
Customers with devices under their control should generally limit the applications of updates until their enterprise apps have been tested on newer releases, but this is not always the case for unmanaged devices. Customers using Neptune for other than BlueWorx purposes that falls within the criteria above will also be impacted, as will their deployment of any internally built iOS enterprise applications - i.e. this is not limited to BlueWorx/ Neptune.
Detailed information and remediation steps are in the Apple article at https://developer.apple.com/documentation/xcode/using-the-latest-code-signature-format
The remediation can be summarised as re-sign your application on a mac running macOS Big Sur (macOS version 11). Once re-signed you'll need to re-distribute the application. You may need to build a new version of your application incrementing the version number to enable distribution, and make support call resolution easier.
The BlueWorx Product Development Team have successfully built Neptune Mobile Clients using macOS Big Sur and can run these on iOS 15.
Please note that using the 'codesign' command line tool under macOS Catalina to re-sign the app as suggested in the article above is not valid as it's countered by the following information:
We have concluded that the only option to produce application builds for iOS is to use a mac running macOS Big Sur.
I'll share a couple of the things we found out while checking an iOS application "ipa" file to see whether it had an iOS 15 compatible signature. The Apple article is missing a couple of bits of information.
The article says to run codesign in the terminal to check the .app file. To get to the .app file unzip the .ipa file. The easiest way to do this is to change the .ipa file extension to .zip.
In the screenshot above I renamed mobile_layout_184.108.40.206.ipa to mobile_layout_220.127.116.11.zip and unzipped. The Payload folder was created by the unzip, and that folder contained our .app file.
I could then run the codesign command on the .app file as per the article.
codesign -dv PD1\ Dev.app
The key part of the output is the CodeDirectory v value
CodeDirectory v=20400 size=11769 flags=0x0(none) hashes=359+5 location=embedded
A value of under 20400 means that your app won't run on iOS 15 and a value of 20400 means that you have to do a further check (as outlined in the Apple article). To do that check run the following codesign command on your .app file.
codesign --display --verbose=5 PD1\ Dev.app
Check the values under the Page size=4096 to determine whether the signing is iOS 15 compliant. If you have rows that start with -5, -4, -3, -2 as per the Apple article then the signing is not compliant and you need to resign on a Mac running macOS Big Sur.
Some of these commands weren't clear in the article.
iOS Device Testing
We've done some additional testing and can confirm the following:
|iPad||10.3.4||error||Error message "App could not be installed at this time"|
iPad Generation 4 released in 2012 (max supported iOS 10.3.4)
|iPad||12.5.3||success||Original iPad Air released in 2013 (max supported iOS 12.5.6)|
There is no requirement to install a new build of your mobile application on older devices, only those with iOS 15+.
Note: Our test build was with an iOS Deployment Target of version 11.0. This is the default with from version 6 of the cordova-ios platfrom plugin. The application not running on iOS releases lower than 11 is consistent with the iOS Deployment Target.