Sometimes, you can’t manage your certificates via match automatically, because you don’t have permission or your certificates are shared by multiple teams, or you don’t want match to revoke your all certificates.
So how can you do, can you still use match to manage existing certificates?
Answer is Yes.
I will share how to migrate the certificates to match.
Step 1: Create match repo manually
Create your repo to hold all your encrypted certificates and profiles, and make sure the structure of repo as following:
Step 2: Export your existing certificates
- export your cercitificate to .cer format, as follow,
2. Do the same thing to export your certificate with private key as .p12 format.
Note: don’t put any password when exporting as fastlane doesn’t support it.
3. encrypt your files as fastlane match encrypt the files in the repo.
openssl enc -aes-256-cbc -k "ENCRYPT_WITH_PASSWORD" -in "certificates.cer" -out "certificates.new.cer" -a -e -saltopenssl enc -aes-256-cbc -k "ENCRYPT_WITH_PASSWORD" -in "certandkey.p12" -out "certandkey.new.p12" -a -e -salt
Note: replace ENCRYPT_WITH_PASSWORD with your password, you need it when you decrypt the certificate.
4. Rename your file to your certificate id.
how to know your certificate id?
You can login to developer.apple.com and click the certificate, you can find the id at the end of url.
Final Step: Push new certs to repo
- Copy your two encrypted certificates to distribution folder of repo, and push it.
2 . Create your lane in your Fastlane file,
lane :get_cert do
match(app_identifier: com.test,
type: ‘appstore’,
readonly: true,
verbose: true)
endNote: you have to set
readonlytotrue
3. And create your match file,
for_lane :get_cert do
git_url(repo_url)
type('appstore')
app_identifier("com.test")
username(developer_account) # Your Apple Developer Portal username
end4. Then run,
fastlane get_cert
Enjoy with your exiting certificates.
