I'm configuring automated build server for iOS application project. I've done most of it. Now, it's the final round. The security.
我正在为iOS应用程序项目配置自动构建服务器。我已经完成了大部分工作。现在,这是最后一轮。安全。
Developer certificate/private key and provisioning profile can be easily installed into Keychain with GUI. But I want to do this via command line to automate even the configuring process. Exporting/importing certificates, private keys, provisioning profiles via command line.
可以使用GUI轻松地将开发人员证书/私钥和配置文件安装到Keychain中。但是我希望通过命令行来实现这一点,甚至可以自动完成配置过程。通过命令行导出/导入证书,私钥,配置文件。
Any recommendations will be very appreciated.
任何建议将非常感谢。
2 个解决方案
#1
46
The always allow GUI is being triggered because codesign hasn't been given an acl to access your private key. try this:
始终允许GUI被触发,因为尚未为codesign提供访问私钥的acl。尝试这个:
security unlock-keychain -p <my keychain password>
security import Certificate.p12 -k ~/Library/Keychains/login.keychain -P password -T /usr/bin/codesign
The -T flag tells security to allow codesign to have access to the keys you are importing in Certificate.p12.
-T标志告诉安全性允许codesign访问您在Certificate.p12中导入的密钥。
#2
15
I found hints from: http://lists.apple.com/archives/apple-cdsa/2010/Mar/msg00021.html
我发现了以下提示:http://lists.apple.com/archives/apple-cdsa/2010/Mar/msg00021.html
The command is security. I'm reading manual page. I'll update this answer later after trial :)
该命令是安全的。我正在阅读手册页。我会在试用后稍后更新这个答案:)
--(edit)--
- (编辑) -
First, we have to give 'Always Allow' access to the certificates/keys in the Keychain manually once. I don't know how to do this without GUI.
首先,我们必须手动“永久允许”访问钥匙串中的证书/密钥一次。没有GUI,我不知道怎么做。
And run the command security unlock-keychain before running build tool for every session. I've used SSH, so I had to execute it once for every login sessions.
并在为每个会话运行构建工具之前运行命令security unlock-keychain。我使用过SSH,因此每次登录时都必须执行一次。
#1
46
The always allow GUI is being triggered because codesign hasn't been given an acl to access your private key. try this:
始终允许GUI被触发,因为尚未为codesign提供访问私钥的acl。尝试这个:
security unlock-keychain -p <my keychain password>
security import Certificate.p12 -k ~/Library/Keychains/login.keychain -P password -T /usr/bin/codesign
The -T flag tells security to allow codesign to have access to the keys you are importing in Certificate.p12.
-T标志告诉安全性允许codesign访问您在Certificate.p12中导入的密钥。
#2
15
I found hints from: http://lists.apple.com/archives/apple-cdsa/2010/Mar/msg00021.html
我发现了以下提示:http://lists.apple.com/archives/apple-cdsa/2010/Mar/msg00021.html
The command is security. I'm reading manual page. I'll update this answer later after trial :)
该命令是安全的。我正在阅读手册页。我会在试用后稍后更新这个答案:)
--(edit)--
- (编辑) -
First, we have to give 'Always Allow' access to the certificates/keys in the Keychain manually once. I don't know how to do this without GUI.
首先,我们必须手动“永久允许”访问钥匙串中的证书/密钥一次。没有GUI,我不知道怎么做。
And run the command security unlock-keychain before running build tool for every session. I've used SSH, so I had to execute it once for every login sessions.
并在为每个会话运行构建工具之前运行命令security unlock-keychain。我使用过SSH,因此每次登录时都必须执行一次。