How to install developer certificate/private key and provisioning profile for iOS development via command line?

Question

I\'m configuring automated build server for iOS application project. I\'ve done most of it. Now, it\'s the final round. The security.

Developer certificate/private k

Answer 1

Install certificate using command line:

security unlock-keychain -p <machine login password>
security import my_certificate.p12 -k ~/Library/Keychains/login.keychain -P my_password -T /usr/bin/codesign

---

Install mobile provision profile:

The simple way:

#install profiles, will trigger xcode to install the profile
open "my_profile1.mobileprovision"

# wait for xcode to process the request
sleep 3

# shut down xcode (optional)
kill $(ps aux | grep 'Xcode' | awk '{print $2}')

The complex way:

PROVISION_FILE ="my_profile.mobileprovision"

uuid=`security cms -D -i ${PROVISION_FILE } | grep -aA1 UUID | grep -o "[-a-zA-Z0-9]\{36\}"`

cp "$PROVISION_FILE " ~/Library/MobileDevice/Provisioning\ Profiles/$uuid.mobileprovision

Answer 2

The always allow GUI is being triggered because codesign hasn't been given an acl to access your private key. try this:

security unlock-keychain -p <my keychain password>
security import Certificate.p12 -k ~/Library/Keychains/login.keychain -P password -T /usr/bin/codesign

The -T flag tells security to allow codesign to have access to the keys you are importing in Certificate.p12.

Answer 3

I found hints from: http://lists.apple.com/archives/apple-cdsa/2010/Mar/msg00021.html

The command is security. I'm reading manual page. I'll update this answer later after trial :)

--(edit)--

First, we have to give 'Always Allow' access to the certificates/keys in the Keychain manually once. I don't know how to do this without GUI.

And run the command security unlock-keychain before running build tool for every session. I've used SSH, so I had to execute it once for every login sessions.