ios 9 support in IBM MobileFirst Platform Foundation IBM
Note Before using this information and the product it supports, read the information in Notices on page 13. ios 9 support in IBM MobileFirst Platform Foundation This edition applies to the following products: v IBM Worklight Version 6.0.0 and later v v IBM Worklight Foundation Version 6.2.0 and later IBM MobileFirst Platform Foundation Version 6.3.0 and later You must apply the most recent interim fix for your product before following the procedures outlined in this book. This edition was updated last on 15 September 2015. Copyright IBM Corporation 2015. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
Contents About this document......... 1 Enabling extended authenticity checking for apps that undergo app thinning... 3 Terms and conditions for product documentation.. 15 IBM Online Privacy Statement........ 16 Index............... 17 Disabling bitcode in Xcode builds... 5 Using dynamic.tbd libraries in Xcode 7 7 Enforcing TLS-secure connections in ios apps.............. 9 Support and comments....... 11 Notices.............. 13 Trademarks.............. 15 Copyright IBM Corp. 2015 iii
iv ios 9 support in IBM MobileFirst Platform Foundation
About this document For your IBM MobileFirst Platform Foundation apps to support ios 9, you must install the latest interim fix for your product and complete the actions described in this document. Interim fixes that provide for ios 9 support are available for the following products: v IBM Worklight Version 6.0.0 and later v IBM Worklight Foundation Version 6.2.0 and later v IBM MobileFirst Platform Foundation Version 6.3.0 and later Obtain the latest interim fix for your product from IBM Fix Central. You can search for fixes for your product and download the fixes from the following URL: http://www.ibm.com/support/fixcentral After you install the latest interim fix for your product, complete the tasks outlined in the following sections: v Enabling extended authenticity checking for apps that undergo app thinning on page 3 describes how you can enable extended authenticity checking for apps that undergo thinning. v Disabling bitcode in Xcode builds on page 5 provides the procedures you must perform to disable the new bitcode option in Xcode 7 builds. v Using dynamic.tbd libraries in Xcode 7 on page 7 provides the procedures you must perform to link new Apple TBD files when compiling with Xcode 7. v Enforcing TLS-secure connections in ios apps on page 9 describes how for development purposes, you can bypass the ios 9 requirement to enforce Transport Layer Security (TLS) protocol version 1.2. Perform the steps that are provided if and where you require them. There is no special order in which you must perform them. Copyright IBM Corp. 2015 1
2 ios 9 support in IBM MobileFirst Platform Foundation
Enabling extended authenticity checking for apps that undergo app thinning The latest interim fix for IBM MobileFirst Platform Foundation allows you to take advantage of app thinning for.ipa files that are compiled with Xcode 7, without influencing extended authenticity. About this task App thinning was introduced by Apple in ios 9 for apps that are compiled with Xcode 7. App thinning reduces the size of files that are downloaded from the App Store. Without applying the most recent interim fix, app thinning might affect the extended authenticity features of IBM MobileFirst Platform Foundation apps because the binary file in the App Store might differ from the one that is downloaded to the client device. By performing the procedures that are described here, the new.ipa file that you upload to the App Store can take advantage of app thinning, without influencing extended authenticity. After you apply the latest interim fix, the app thinning feature is available for any app that uses ios 9 and later and Xcode 7 and later and that was created by using IBM MobileFirst Platform Foundation V7.0.0 and later. Note: App thinning does not take place in apps that were developed using earlier versions of ios and Xcode. In such cases, you do not need to apply the latest interim fix. Procedure 1. Ensure that you apply the most recent interim fix to IBM MobileFirst Platform Server. 2. Configure the original.wlapp file by using the enable-extended-authenticity command of the wladm program. For more information, see Configuring extended app authenticity checking. 3. Deploy the.wlapp file to the server for testing. Copyright IBM Corp. 2015 3
4 ios 9 support in IBM MobileFirst Platform Foundation
Disabling bitcode in Xcode builds The new bitcode option in Xcode builds is not supported for IBM MobileFirst Platform Foundation projects. You must disable it. About this task Starting with Xcode 7, bitcode is a default, but optional option for ios apps. The bitcode option is not currently supported in IBM MobileFirst Platform Foundation. To use the MobileFirst SDK in your Xcode projects, you must disable bitcode. Important: This procedure applies to any version of IBM MobileFirst Platform Foundation with which you use Xcode 7. Note: Applications that are based on Apple watchos 2 require the bitcode to be enabled and are currently not supported in IBM MobileFirst Platform Foundation. Procedure On the Xcode Build Settings tab, in the Build Options group, set Enable Bitcode to No. Copyright IBM Corp. 2015 5
6 ios 9 support in IBM MobileFirst Platform Foundation
Using dynamic.tbd libraries in Xcode 7 The MobileFirst SDK requires the use of Xcode 7 dynamic.tbd libraries. About this task Xcode 7 has replaced dynamic.dylib libraries with more lightweight.tbd files. Up to now, IBM MobileFirst Platform Foundation projects link with.dylib libraries such as: libc++.dylib, libstdc.dylib, and libz.dylib. These must be replaced with the corresponding.tbd libraries. This guideline applies to any version of IBM MobileFirst Platform Foundation with which you use Xcode 7. Procedure Replace all references to.dylib libraries such as: libc++.dylib, libstdc.dylib, and libz.dylib with the respective.tbd libraries. For example, instead of libc++.dylib, write libc++.tbd. Copyright IBM Corp. 2015 7
8 ios 9 support in IBM MobileFirst Platform Foundation
Enforcing TLS-secure connections in ios apps For development purposes, hybrid ios projects that are created in IBM MobileFirst Platform Studio or by using CLI bypass the ios 9 requirement to enforce Transport Layer Security (TLS) protocol version 1.2 in all apps. About this task Apple s App Transport Security (ATS) is a new feature of ios 9 that enforces best practices for connections between the app and the server. By default, this feature enforces some connection requirements that improve security. These include client-side HTTPS requests and server-side certificates and connection ciphers that conform to Transport Layer Security (TLS) version 1.2 using forward secrecy. For development purposes, you can override the default behavior by specifying an exception in the Info.plist file in your app, as described in App Transport Security Technote. However, in a full production environment, all ios apps must enforce TLS-secure connections for them to work properly. By applying the latest interim fix, the apps that you develop using IBM MobileFirst Platform Foundation automatically turn off transport security to allow all non-secure connections to the MobileFirst Development Server. To enable non-tls connections, the following exception must appear in the <projectname>info.plist file in the <project>\resources folder: <key>nsexceptiondomains</key> <dict> <key>yourserver.com</key> <dict> <!--Include to allow subdomains--> <key>nsincludessubdomains</key> <true/> <!--Include to allow insecure HTTP requests--> <key>nstemporaryexceptionallowsinsecurehttploads</key> <true/> </dict> </dict> Note: v If you are creating a hybrid ios application, your IBM MobileFirst Platform Server host name is added automatically to the NSException dictionary. v If you are creating a native ios application, you must manually add the IBM MobileFirst Platform Server host name to the NSException dictionary. Procedure 1. To prepare for production, remove or comment out the code that appears earlier in this page. 2. Set up the client to send HTTPS requests by using the following entry to the dictionary: Copyright IBM Corp. 2015 9
<key>protocol</key> <string>https</string> <key>port</key> <string>10443</string> The SSL port number is defined on the server in server.xml in the httpendpoint definition. 3. Configure a server that is enabled for the TLS 1.2 protocol. For more information, see Configuring MobileFirst Server to enable TLS V1.2. 4. Make the settings for ciphers and certificates that are appropriate to your setup. For more information, see the following documents: v App Transport Security Technote v Secure communications using Secure Sockets Layer (SSL) for WebSphere Application Server Network Deployment v Enabling SSL communication for the Liberty profile 10 ios 9 support in IBM MobileFirst Platform Foundation
Support and comments For the entire IBM MobileFirst Platform documentation set, training material and online forums where you can post questions, see the IBM website at: http://www.ibm.com/mobile-docs Support Software Subscription and Support (also referred to as Software Maintenance) is included with licenses purchased through Passport Advantage and Passport Advantage Express. For additional information about the International Passport Advantage Agreement and the IBM International Passport Advantage Express Agreement, visit the Passport Advantage website at: http://www.ibm.com/software/passportadvantage If you have a Software Subscription and Support in effect, IBM provides you assistance for your routine, short duration installation and usage (how-to) questions, and code-related questions. For additional details, consult your IBM Software Support Handbook at: http://www.ibm.com/support/handbook Comments We appreciate your comments about this publication. Please comment on specific errors or omissions, accuracy, organization, subject matter, or completeness of this document. The comments you send should pertain to only the information in this manual or product and the way in which the information is presented. For technical questions and information about products and prices, please contact your IBM branch office, your IBM business partner, or your authorized remarketer. When you send comments to IBM, you grant IBM a nonexclusive right to use or distribute your comments in any way it believes appropriate without incurring any obligation to you. IBM or any other organizations will only use the personal information that you supply to contact you about the issues that you state. Thank you for your support. If you would like a response from IBM, please provide the following information: v Name v Address v Company or Organization v Phone No. v Email address Copyright IBM Corp. 2015 11
12 ios 9 support in IBM MobileFirst Platform Foundation
Notices This information was developed for products and services that are offered in the USA. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-ibm product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not grant you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing IBM Corporation North Castle Drive, MD-NC119 Armonk, NY 10504-1785 United States of America For license inquiries regarding double-byte character set (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to: Intellectual Property Licensing Legal and Intellectual Property Law IBM Japan Ltd. 19-21, Nihonbashi-Hakozakicho, Chuo-ku Tokyo 103-8510, Japan The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Any references in this information to non-ibm websites are provided for convenience only and do not in any manner serve as an endorsement of those Copyright IBM Corp. 2015 13
websites. The materials at those websites are not part of the materials for this IBM product and use of those websites is at your own risk. IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact: IBM Corporation Dept F6, Bldg 1 294 Route 100 Somers NY 10589-3216 USA Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee. The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement or any equivalent agreement between us. Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurements may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment. Information concerning non-ibm products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-ibm products. Questions on the capabilities of non-ibm products should be addressed to the suppliers of those products. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. COPYRIGHT LICENSE: This information contains sample application programs in source language, which illustrate programming techniques on various operating platforms. You may copy, modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. The sample 14 ios 9 support in IBM MobileFirst Platform Foundation
programs are provided "AS IS", without warranty of any kind. IBM shall not be liable for any damages arising out of your use of the sample programs. Each copy or any portion of these sample programs or any derivative work, must include a copyright notice as follows: Portions of this code are derived from IBM Corp. Sample Programs. Copyright IBM Corp. _enter the year or years_. All rights reserved. Trademarks IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at Copyright and trademark information at www.ibm.com/legal/copytrade.shtml. Other company products or service names may be trademarks or service marks of others. This document may not be reproduced in whole or in part without the prior written permission of IBM. Terms and conditions for product documentation Permissions for the use of these publications are granted subject to the following terms and conditions. Applicability These terms and conditions are in addition to any terms of use for the IBM website. Personal use You may reproduce these publications for your personal, noncommercial use provided that all proprietary notices are preserved. You may not distribute, display or make derivative work of these publications, or any portion thereof, without the express consent of IBM. Commercial use You may reproduce, distribute and display these publications solely within your enterprise provided that all proprietary notices are preserved. You may not make derivative works of these publications, or reproduce, distribute or display these publications or any portion thereof outside your enterprise, without the express consent of IBM. Rights Except as expressly granted in this permission, no other permissions, licenses or rights are granted, either express or implied, to the publications or any information, data, software or other intellectual property contained therein. Notices 15
IBM reserves the right to withdraw the permissions granted herein whenever, in its discretion, the use of the publications is detrimental to its interest or, as determined by IBM, the above instructions are not being properly followed. You may not download, export or re-export this information except in full compliance with all applicable laws and regulations, including all United States export laws and regulations. IBM MAKES NO GUARANTEE ABOUT THE CONTENT OF THESE PUBLICATIONS. THE PUBLICATIONS ARE PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE. IBM Online Privacy Statement IBM Software products, including software as a service solutions, ( Software Offerings ) may use cookies or other technologies to collect product usage information, to help improve the end user experience, to tailor interactions with the end user or for other purposes. In many cases no personally identifiable information is collected by the Software Offerings. Some of our Software Offerings can help enable you to collect personally identifiable information. If this Software Offering uses cookies to collect personally identifiable information, specific information about this offering s use of cookies is set forth below. Depending upon the configurations deployed, this Software Offering may use session cookies that collect session information (generated by the application server). These cookies contain no personally identifiable information and are required for session management. Additionally, persistent cookies may be randomly generated to recognize and manage anonymous users. These cookies also contain no personally identifiable information and are required. If the configurations deployed for this Software Offering provide you as customer the ability to collect personally identifiable information from end users via cookies and other technologies, you should seek your own legal advice about any laws applicable to such data collection, including any requirements for notice and consent. For more information about the use of various technologies, including cookies, for these purposes, see IBM s Privacy Policy at http://www.ibm.com/ privacy and IBM s Online Privacy Statement at http://www.ibm.com/privacy/ details the section entitled Cookies, Web Beacons and Other Technologies and the IBM Software Products and Software-as-a-Service Privacy Statement at http://www.ibm.com/software/info/product-privacy. 16 ios 9 support in IBM MobileFirst Platform Foundation
Index A app thinning 3 App Transport Security (ATS) TLS 9 B Bitcode build options 5 E extended authenticity 3 I ios 9 3 T Transport Layer Security (TLS) 9 X Xcode 5 Xcode 7 3.tbd libraries 7 Copyright IBM Corp. 2015 17