import_certificates_match.mo
Last updated
Last updated
When using Fastlane's , you might want to update the certificates or provisioning profiles manually if you don't have enough rights on the publisher's Apple developer account (meaning that you're unable to create certificates and provisioning profile by your own or by using match).
A .p12
distribution certificate and its password, say cert.p12
A .mobileprovision
provisioning profile, say profile.mobileprovision
An Apple developer account that has read access to the publisher's Apple developer account (check by )
Write access to the Match git repo, say certificates.git
The app's bundle identifier: BUNDLE_IDENTIFIER
A list_certificates
lane in your Fastfile
:
Install the distribution certificate in your Keychain
(double click)
In your Keychain
, under "My certificates", export the certificate in the .cer
format (right click), say cert.cer
Find the new distribution certificate's ID
Run bundle exec fastlane ios list_certificates
with the account that has access to the publisher's Apple developer account
Find the line corresponding to the new distribution certificate and note the certificate ID CERT_ID
Extract the private key from cert.p12
: openssl pkcs12 -nocerts -nodes -out cert.pem -in cert.p12
Open cert.pem
in a text editor and make sure it starts with -----BEGIN RSA PRIVATE KEY-----
. If it's the case, go directly to 7.
Convert the private key to a RSA private key: openssl rsa -in cert.pem -out cert.pem
Find the password of the Match git repo's branch (MATCH_PASSWORD
) in your secret files
Cypher the private key with the Match algorithm: openssl aes-256-cbc -k ${MATCH_PASSWORD} -in cert.pem -out ${CERT_ID}.p12 -a
Cypher the public key: openssl aes-256-cbc -k ${MATCH_PASSWORD} -in cert.cer -out ${CERT_ID}.cer -a
Cypher the provisioning profile: openssl aes-256-cbc -k ${MATCH_PASSWORD} -in profile.mobileprovision -out AppStore_${BUNDLE_IDENTIFIER}.mobileprovision -a
Clone the Match git repository.
Checkout the MATCH_GIT_BRANCH
.
Remove the old certificates and provisioning profiles and add the new ones.