Hello,
I’m using the Xcode Archive & Export for iOS step and I would like to ask why is the “Automatic code signing > Code signing certificate URL” parameter required?
I already have the API key method set up. The step should be able to pull the certificate from App Store Connect using the API key, isn’t that right?
Which build Step causes the issue and which version of the step?
Xcode Archive & Export for iOS (5.1.2)
Hi @effektsvk ,
When the API key-based automatic code signing is used, the step either lets xcodebuil do the code signing file management or directly uses the App Store Connect API.
Either way, creating a certificate involves creating and uploading a Certificate Signing Request (CSR).
This CSR file and the generated certificate are tight to the host macOS machine, the generated certificate file can be used for code signing, after installing it to the same machine’s Keychain.
(Once it is installed to the Keychain you can export it into a portable p12 format and use it on different machines, but the certificate file downloaded from the App Store Connect is tied to the machine that generated the CSR.)
So even if the step would generate a certificate, if the next build is running in a VM on a different physical machine, the previously generated certificate couldn’t be used after downloading through the App Store Connect API.
Ah, I understand it now.
I thought that the certificates are available to download from the App Store Connect API as well. In our company, my colleague generates those certificates, so I just asked him to upload one to Bitrise. It works now.
Thank you for clarifying. Have a great day!