Company Hub App for Business on Windows Phone 8

Windows Phone has been always a great choice for consumers with its great set of features, and its level of customization, to simply make your Windows Phone unmistakably yours.

But Microsoft didn’t just focus on delighting the consumers. Microsoft also focused on meeting the needs of business. Features like Office, BitLocker, Native support for IRM, supporting Exchange server; ActiveSync; Sharepoint; Lync server & Company Hub, makes Windows Phone “The right choice for Business” .

In this post, we’ll talk about “Company Hub”, and how it enables enterprises to increase the productivity of their employees, by providing the right business apps and information right to their hands.

Company Hub, for Users (the Employees), is a one stop shop for work on the phone. Employees can see a list of business apps provided by the enterprise, and get all the information they need to be productive and stay up to date.

Company Hub, for the developers is simply a Windows Phone app which will use special tools (for signing and compiling) and set of APIs to list the business apps provided by the enterprise. Also, like any other Windows Phone app, developers can add more features and be creative. For example, the app can show the latest news and events about the company or even push the important news to the phone using Push Notifications to keep the employees updated.

 

Before creating the app, We need to get the following:

1. Publisher ID, even though you will not publish the app to the store, you still need this ID to list the business apps installed on the phone. Also, it will be used to get the Enterprise Mobile Code Signing Certificate.
2. Enterprise Mobile Code Signing Certificate, which will be used to get PFX certificate
3. PFX certificate, which will be used to get Application Enrollment Token & Sign the business apps (including company hub)
4. Application Enrollment Token, which will be used to enroll the phones to the enterprise (otherwise, the phones wont be able to install the business apps)

We will get through details of each one.

 

Getting a Publisher ID

To get the publisher ID you will need to sign up through Windows Phone Dev Center for a Company Account (NOT Individual/Student). Signing up will go through two steps; first complete the registration and paying the subscription feeds (costs now $99 per year). Second step is completing the Microsoft Account Validation Process.

Microsoft Account Validation Process helps to protect your company’s identity from being used without your knowledge, while also maintaining trust for the people buying your apps.

You will receive an email from Symantec (which is a Microsoft partner that works to validate the authenticity of the business registered in the Windows Phone Dev Center). In that email, Symantec will ask for more info to validate your account, and might also call you toe complete the process

 

Getting Enterprise Mobile Code Signing Certificate

After verifying your account, we need to get the Enterprise Mobile Code Signing Certificate. Go to the Enterprise Mobile Code Signing Certificate website, and Enter the Publisher ID and the email you used to sign up in the Dev Center. (This certificate costs now $299 per year).
Once you’re done, you will get the Enterprise Mobile Code Signing Certificate. Import this certificate into your computer.

 

Exporting PFX file

We will export the PFX certificate using the Enterprise Mobile Code Signing Certificate which was imported to the computer

To export the PFX certificate using the Certificates snap-in:

1. Go to the Start menu and search for “run” and then type mmc to start the Microsoft Management Console.
2. On the File menu, click Add/Remove Snap-in. The Add or Remove Snap-ins dialog box appears.

3. In Available snap-ins, click Certificates, and then click Add.

4. Select Computer account, and then click Next.

5. Select Local computer, and then click Finish.

6. If you have no more snap-ins to add to the console, click OK.

7. In the Microsoft Management Console, in the console tree, expand Certificates, and then expand Personal.

8. In the details pane, click the certificate you want to manage. Right click on the certificate, point to All Tasks, and then click Export. The Certificate Export Wizard appears. Click Next.

9. On the Export Private Key page, click Yes, export the private key. Click Next.

10. On the Export File Format page, select Personal Information Exchange – PKCS #12 (.PFX). Click Next.

11. On the Password page, type and confirm the password that is used to encrypt the private key. Click Next.

12. Follow the pages of the wizard to export the certificate in PFX format.

 

Creating Application Enrollment Token

To create the Application Enrollment  Token (AET), we will use the PFX certificate we created in the previous step. From the Windows Phone SDK, we will use the AETGenerator:

Start the VS2012 x86 Native Tools Command Prompt as an administrator.

Change the current directory to the directory where the PFX file is located.
Run the AETGenerator tool with the following command line. Be sure to replace the placeholder text in this command with appropriate values. replace the “key.pfx” with your own certificate name, & the P@ssw0rd with your password.

This command will generate AET files with different extensions. These files will be used to enroll the employees’ phones to the enterprise. If you have Windows Intune or System Center implemented, then the AET.aet will be used.

If the company doesn’t have Windows Intune or System Center, then the AET.aetx file will be used. You can simply send this file as an email attachment or host this file on some secure web server so employees can download it later to enroll their phones.

 

Precompile, sign and Distribute the business app

Before distributing the business apps (including the Company Hub), we need to do the following for each one:
Precompile any managed assemblies that are included in the XAP into native code. (MDILXAPCompile will be used)
Sign the XAP with the PFX file that is exported from the enterprise certificate (XapSignTool will be used)

Now instead of executing the commands MDILXAPCompile and XapSignTool manually, Microsoft provided a script to automate the whole process in one line using PowerShell :

You will have to provide three values:
The package file (XAP)
The PFX certificate file
The password

Now that your packages are precompiled and signed. you can host the packages in some secure web server. And list these apps inside your Company Hub app.

 

You can read more about Windows Phone & other MS techs from my blog