Skip to content

bitrise-steplib/steps-certificate-and-profile-installer

Repository files navigation

Certificate and profile installer

Step changelog

Downloads and installs the Apple code signing certificates and provisioning profiles.

Description

The Step installs those .p12 certificate files and provisioning profiles that you uploaded to your app's Code Signing tab. You can upload multiple versions of any code signing file.

Configuring the Step

By default, the Step requires no configuration. To be able to use it, you only need to upload a .p12 certificate and a matching provisioning profile to the Code signing tab.

However, if your certificates have passphrases, you need to make sure that passphrase is available for the Step.

  1. Create a Secret Env Var that contains the passphrase.
  2. Insert that Secret to the Certificate passphrase input.

Similarly, you can set the path to the Keychain that should be used in the Keychain path input, and set a password for the Keychain in the Keychain's password input.

Troubleshooting

In the case of most code signing issues, it's the Xcode Archive & Export for iOS Step that fails, not this one. If this Step fails, there's a couple of things you can do first.

  • Check the certificate passphrase, the Keychain path and the Keychain password.
  • Make sure you uploaded the required code signing files.

Useful links

Related Steps

🧩 Get started

Add this step directly to your workflow in the Bitrise Workflow Editor.

You can also run this step directly with Bitrise CLI.

⚙️ Configuration

Inputs
Key Description Flags Default
certificate_url URL of the certificate to download. Multiple URLs can be specified, separated by a pipe (|) character. You can specify a local path as well, using the file:// scheme. For example file://./Cert.p12 sensitive $BITRISE_CERTIFICATE_URL
certificate_passphrase Certificate passphrase. Multiple passphrases can be specified, separated by a pipe character (|). Specified Certificate passphrase count should match the count of the certificate urls. Pipe characters in passphrases are not supported. Format example: - 1 certificate provided with passphrase: PASS - 1 certificate provided without passphrase: `` - 3 certificates provided, none of them has passphrase: || - 3 certificates provided, only the 2. one has passphrase: `|PASS|` sensitive $BITRISE_CERTIFICATE_PASSPHRASE
provisioning_profile_url URL of the provisioning profile to download. Multiple URLs can be specified, separated by a pipe (|) character. You can specify a local path as well, using the file:// scheme. For example file://./BuildAnything.mobileprovision sensitive $BITRISE_PROVISION_URL
keychain_path Path to the Keychain where the code signing certificates will be installed. required $HOME/Library/Keychains/login.keychain
keychain_password Password for the provided Keychain. required, sensitive $BITRISE_KEYCHAIN_PASSWORD
install_defaults Installs default (Bitrise) Wildcard Provisioning Profile and Codesign Certificate for testing. yes
default_certificate_url URL of the default certificate. You can specify a local path as well, using the file:// scheme. For example file://./Cert.p12 sensitive $BITRISE_DEFAULT_CERTIFICATE_URL
default_certificate_passphrase Passphrase of the default Certificate. sensitive $BITRISE_DEFAULT_CERTIFICATE_PASSPHRASE
default_provisioning_profile_url URL of the default provisioning profile to download. You can specify a local path as well, using the file:// scheme. For example file://./BuildAnything.mobileprovision sensitive $BITRISE_DEFAULT_PROVISION_URL
verbose Enable logging additional information for troubleshooting required false
Outputs There are no outputs defined in this step

🙋 Contributing

We welcome pull requests and issues against this repository.

For pull requests, work on your changes in a forked repository and use the Bitrise CLI to run step tests locally.

Note: this step's end-to-end tests (defined in e2e/bitrise.yml) are working with secrets which are intentionally not stored in this repo. External contributors won't be able to run those tests. Don't worry, if you open a PR with your contribution, we will help with running tests and make sure that they pass.

Learn more about developing steps: