Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error when import certificate #14

Open
paulocoutinhox opened this issue Feb 20, 2021 · 3 comments
Open

Error when import certificate #14

paulocoutinhox opened this issue Feb 20, 2021 · 3 comments

Comments

@paulocoutinhox
Copy link

paulocoutinhox commented Feb 20, 2021
edited
Loading

Hi,

I have an error when import certificate:

Run apple-actions/import-codesign-certs@v1
  with:
    keychain: prprojector-macos
    create-keychain: false
    p12-file-base64: ***
  
    p12-password: ***
  env:
    pythonLocation: /Users/runner/hostedtoolcache/Python/3.7.9/x64
/usr/bin/security unlock-keychain -p *** prprojector-macos.keychain
/usr/bin/security import /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmp-141161bqITyzXbWx -k prprojector-macos.keychain -f pkcs12 -A -T /usr/bin/codesign -T /usr/bin/security -P ***
1 identity imported.
/usr/bin/security set-key-partition-list -S apple-tool:,apple: -k *** prprojector-macos.keychain
security: SecKeychainItemSetAccessWithPassword: The user name or passphrase you entered is not correct.
keychain: "/Users/runner/Library/Keychains/prprojector-macos.keychain-db"
version: 512
class: 0x00000010 
attributes:
    0x00000000 <uint32>=0x00000010 
    0x00000001 <blob>="PRSolucoes - MAC"
    0x00000002 <blob>=<NULL>
    0x00000003 <uint32>=0x00000001 
    0x00000004 <uint32>=0x00000000 
    0x00000005 <uint32>=0x00000000 
    0x00000006 <blob>=0xC5E5668354F97F1DFA608DBD215C73D4A6AC4FC0  "\305\345f\203T\371\177\035\372`\215\275!\134s\324\246\254O\300"
    0x00000007 <blob>=<NULL>
    0x00000008 <blob>=0x7B38373139316361322D306663392D313164342D383439612D3030303530326235323132327D00  "{87191ca2-0fc9-11d4-849a-000502b52122}\000"
    0x00000009 <uint32>=0x0000002A  "\000\000\000*"
    0x0000000A <uint32>=0x00000800 
    0x0000000B <uint32>=0x00000800 
    0x0000000C <blob>=0x0000000000000000 
    0x0000000D <blob>=0x0000000000000000 
    0x0000000E <uint32>=0x00000001 
    0x0000000F <uint32>=0x00000001 
    0x00000010 <uint32>=0x00000001 
    0x00000011 <uint32>=0x00000000 
    0x00000012 <uint32>=0x00000001 
    0x00000013 <uint32>=0x00000001 
    0x00000014 <uint32>=0x00000001 
    0x00000015 <uint32>=0x00000001 
    0x00000016 <uint32>=0x00000001 
    0x00000017 <uint32>=0x00000001 
    0x00000018 <uint32>=0x00000001 
    0x00000019 <uint32>=0x00000001 
    0x0000001A <uint32>=0x00000001 
Error: The process '/usr/bin/security' failed with exit code 1

Log:
https://github.com/paulo-coutinho/prprojector/runs/1939802758?check_suite_focus=true#step:9:15

Can you help me?
@paulocoutinhox
Copy link
Author

I solved with:

- name: Install application certificate
  uses: apple-actions/import-codesign-certs@v1
  with: 
    keychain: ${{ github.run_id }}
    keychain-password: ${{ github.run_id }}
    p12-file-base64: ${{ secrets.MAC_APPLICATION_CERTIFICATE_P12 }}
    p12-password: ${{ secrets.MAC_APPLICATION_CERTIFICATE_PASSPHRASE }}

- name: Install installer certificate
  uses: apple-actions/import-codesign-certs@v1
  with: 
    keychain: ${{ github.run_id }}
    keychain-password: ${{ github.run_id }}
    create-keychain: false
    p12-file-base64: ${{ secrets.MAC_INSTALLER_CERTIFICATE_P12 }}
    p12-password: ${{ secrets.MAC_INSTALLER_CERTIFICATE_PASSPHRASE }}

You can add support for multiple certificates to help us add more than one.

A parameter called "amount" will add to environment variables suffix: "_1", "_2" ... to amount number. Or p12-file-base64 and p12-password can accept array data.

@amitpdev
Copy link

Thank you @paulo-coutinho!
multiple certificates support is absolutely essential

@benbowler
Copy link
Contributor

If anyone else comes across this in future, you can easily use multiple certificates, the key is to do it when exporting the certificates from keychain on the mac. You can export as many as you want into a single p12 file. I explored all of my Developer, Mac and iOS certificates and keys (around 11 certificates) into a single file and it works a treat.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@benbowler @paulocoutinhox @amitpdev