Skip to main content
Transform your testing process with: Real Device Features, Company-wide Licences, & Accessibility Testing

iOS App Patching

App Live enables customers to use sensor instrumentation features, such as biometric authentication without getting their app resigned by Browserstack, thus preventing iOS entitlement issues or authentication issues or invalid certificate issues during testing on Browserstack devices.

Important: The App Patching feature is available only to Enterprise customers.

In this guide, you will learn about :

Why you need App Patching

As an enterprise customer, you might encounter webpage errors and other issues while using biometric features on Browserstack devices. Since Browserstack instruments your app and resigns it with Browserstack certificate, the app is treated as an invalid during app testing, thus leading to app crashes.

Using the iOS App patching feature, you can convert the original app to an instrumented app and use the sensor instrumentation features such as Biometrics. In this process, you use a BrowserStack endpoint where you can upload an unsigned original app and receive the instrumented app as the response. After app patching instrumentation, your app can use the sensor instrumentation features on Browserstack devices without any error.

Use App Patching for iOS Apps

You must use the Browserstack endpoint to patch your app, and then sign the app with your own certificate, thus resolving any issues that occur from app resigning.

App instrumentation involves:

a) Uploading an unsigned app (.ipa) file to the Browserstack endpoint and getting the instrumented app(. ipa) file.

b) Signing the instrumented app with your certificates.

c) Uploading the signed instrumented app to Browserstack for using the sensor instrumentation features.

Get instrumented app

  • Contact Browserstack support to access an endpoint that you can use to get your app instrumented. You can save the instrumented app, customer_app_instrumented.ipa, in a directory.

Sign your Instrumented App

Prerequisites:

  • The login keychain DB is unlocked.
    In your command line tool, run the following command:
          security unlock-keychain -p "<keychain_password>" "<absolute_path_to_login_keychain_db>
    


    For example, typically the keychain is available in the ~/Library/Keychains/login.keychain-db directory. If your macOS password is abcd@123, then the sample command is:

          security unlock-keychain -p "abcd@123" "~/Library/Keychains/login.keychain-db"
    
  • The .mobileprovision file corresponding to the signing certificate that you will use to sign the app is available. This file, for example cert.mobileprovision, is specific to your organization.
  • customer_app_signer.sh script file from BrowserStack is available.

To sign the instrumented app, complete the following steps:

  1. On the command line tool, run the following command :

    security find-identity -v -p codesigning
    

    The following code shows the format of the sample response:

    x) <40_char_string> "iPhone Distribution: Some Inc"
    

    Here are few sample responses:

    • W19SNVTCZH0MKG491R7I3XJ3D028EWH9PJV4UY2S "iPhone Distribution: Some Inc."
    • IFMJ2RVFIWQ1I4MM60KHO7H5F1WCFMBCVLM93HUL "iPhone Distribution: Anything Inc."
  2. Copy and save the 40 char long string that corresponds to the certificate you want to use for signing. This string is the provisioning_identity that will be used in later steps.

  3. Generate the entitlements file by running following command and add the absolute path to the cert.mobileprovision file.

      security cms -D -i </absolute_path_to/cert.mobileprovision> /tmp/tmp.plist &&  /usr/libexec/PlistBuddy -x -c 'Print:Entitlements' /tmp/tmp.plist > /tmp/cert.plist
    

    Copy and save the /tmp/cert.plist to a directory.

  4. Create a instrumentation_signing directory and save the following files to it:
    • Instrumented Enterprise app that you received from BrowserStack, customer_app_instrumented.ipa
    • customer_app_signer.sh script file from BrowserStack
    • cert.mobileprovision file specific to your organization.
    • cert.plist entitlements file
    • 40 char long provisioning_identity
  5. Run the following command:

      bash customer_app_signer.sh "<absolute_path_to_unsigned_instrumented_ipa>" "<provisioning_identity>" "<absolute_path_to_cert.mobileprovision>" "<absolute_path_to_signed_ipa>" "<absolute_path_to_cert.plist>" "<absolute_path_to_working_directory>"
    

    For example, the following command is used when your run it from the instrumentation_signing directory:

      bash customer_app_signer.sh "customer_app_instrumented.ipa" "<provisioning_identity>" "cert.mobileprovision" "customer_app_instrumented_signed.ipa" "cert.plist" "/instrumentation_signing/"
    

    After you sign the instrumented app, the script file returns the signed instrumented app, customer_app_instrumented_signed.ipa.

Upload your signed instrumented app

  1. Log in to the App Live dashboard.
  2. On the Select Source page, click the Settings icon next to your app.
  3. Enable the iOS Entitlements option, and disable the Biometric Authentication and Image Injection options. Enable ios entitlements and disable biometric authentication and image injection
  4. Select the required device-OS where you want to test the app.

We're sorry to hear that. Please share your feedback so we can do better

Contact our Support team for immediate help while we work on improving our docs.

We're continuously improving our docs. We'd love to know what you liked






Thank you for your valuable feedback

Is this page helping you?

Yes
No

We're sorry to hear that. Please share your feedback so we can do better

Contact our Support team for immediate help while we work on improving our docs.

We're continuously improving our docs. We'd love to know what you liked






Thank you for your valuable feedback!

Talk to an Expert
Download Copy