Fastlane is my go-to tool for everything non-code related. One module that I love is Match. Match creates all required certificates & provisioning profiles and stores them in a separate git repository and sync them across your team.
It helps me avoid all the headache managing certificates and provisioning profiles for all these years.
Apple certificate only lasts for one year. So, you need to renew it every year, and this is where the problem begins. There is a small hiccup about this renewal process. Based on the discussion, The expired certificate is automatically removed by Apple and Fastlane doesn't really know if it was revoked manually by someone, expired, or if some other error occurred. So, instead of presuming anything unknown/dangerous to the user and their certificates, Match prompts us with the following error.
[!] Your certificate 'XXXXXXXXXX.cer' is not valid, please check end date and renew it if necessary
Which might leave you wondering how you could renew it? Manually or with Fastlane command?
So, this leaves us with two solutions, Automatically with the help of
fastlane match nuke and manually.
Automatically with nuke #
Nuke command revoke your certificates and provisioning profiles, which leave you a clean slate for a new beginning.
You can choose to nuke just only a specific environment of certificates and provisioning profiles by providing profile type (
fastlane match nuke development
fastlane match nuke distribution
fastlane match nuke enterprise
After clearing your account, you'll start from a clean slate, and you can run match to generate your certificates and profiles again.
fastlane match appstore
fastlane match development
This might be the easiest and fastest way to get your certificates and provisioning profiles up and running. The downside of this approach is, as the name implies, it will destroy all certificates and provisioning profiles for a particular environment. This might or might not be a problem, depending on your situation.
If you have more control over which certificates and provisioning profiles to destroy, the second way might suit you more.
What nuke really do is remove certificates and provisioning profiles for you, so you can choose to do that yourself.
- To do that, you need to make Fastlane forgot about existing certificates by removing them from the repository.
- Then go to Apple Developer portal and delete the provisioning profiles that associated with the certificate.
fastlane matchagain, and it will re-create new certificates and provisioning profiles for you.
Related Resources #
- match doesn't renew the signing certificate automatically after the certificate expires #11663
- App Store distribution certificate expiring #10724
Feel free to follow me on Twitter and ask your questions related to this post. Thanks for reading and see you next time.
If you enjoy my writing, please check out my Patreon https://www.patreon.com/sarunw and become my supporter. Sharing the article is also greatly appreciated.Become a patron Tweet Share