I'm trying to use AppleDev.Tool in a GitHubActions runner (on macOS) where it's called by .NET MAUI - Apple Provisioning.
It's giving me an error now where I think it should be working based on my configuration:
─────────────────────────────── Provisioning... ────────────────────────────────
Creating Keychain /Users/runner/Library/Keychains/build.keychain-db... Done.
Setting Default Keychain /Users/runner/Library/Keychains/build.keychain-db... Done.
Unlocking Keychain /Users/runner/Library/Keychains/build.keychain-db... Done.
Importing Certificate into /Users/runner/Library/Keychains/build.keychain-db
(AllowAnyAppRead: True)...Error: PKCS12 (PFX) without a supplied password has exceeded maximum allowed
iterations. See https://go.microsoft.com/fwlink/?linkid=2233907 for more
information.
I'm passing the both the certificate password and certificate as a base64 string from GitHub secrets as per the Apple Provisioning action documentations.
It seems like var x509 = new X509Certificate2(certificateData); should be var x509 = new X509Certificate2(certificateData, settings.CertificatePassphrase); when a passphrase is present or possibly var x509 = new X509Certificate2(certificateData, (string)null); when using trusted certificate data with no passphrase.
I'm trying to use AppleDev.Tool in a GitHubActions runner (on macOS) where it's called by .NET MAUI - Apple Provisioning.
It's giving me an error now where I think it should be working based on my configuration:
That link goes to KB5025823 Change in how .NET applications import X.509 certificates
I'm passing the both the certificate password and certificate as a base64 string from GitHub secrets as per the Apple Provisioning action documentations.
https://github.com/Redth/AppleDev.Tools/blob/83e10db50e9bcd3840dd669f32ffa2af1281fa4b/AppleDev.Tool/Commands/CI/ProvisionCiCommand.cs#L92
It seems like
var x509 = new X509Certificate2(certificateData);
should bevar x509 = new X509Certificate2(certificateData, settings.CertificatePassphrase);
when a passphrase is present or possiblyvar x509 = new X509Certificate2(certificateData, (string)null);
when using trusted certificate data with no passphrase.