# NonaTemplate :: iOS certificates This project makes use of [Fastlane match](https://docs.fastlane.tools/actions/match/) to manage certificates and provisioning profiles for signing. You can install certificates by running `npm run ios:certificates`. You may be asked for a github repo decryption key, which is stored under Lastpass. You should also have the Environment variables for the App Store API used set in your environment. These are: ```bash export APP_STORE_CONNECT_KEY_ID=***** export APP_STORE_CONNECT_ISSUER_ID=**** export APP_STORE_CONNECT_API_KEY_B64=*** ``` These are both stored in the shared NonaTemplate folder in Lastpass, under the secure note listing environment variables. APP_STORE_CONNECT_API_KEY_B64 is the base 64 encoded version of the API key. You can get this value by downloading the key file and then running `cat KeyFileName | base64` in a terminal. Note that the user related to those environment variables should have App Manager permissions (if you choose to use an API key associated with another user). ## Adding new devices If you add a new device under devices = in `ios/Fastfile` then you should run `npm run ios:registernewdevices` from the project root. This essentially runs the Fastlane command fastlane register_new_devices, which will register the devices on the Developer Portal, and if there are any new ones, recreate the provisioning profiles with these new devices. ## Renewing Certificates At some point, your provisioning profiles and certificates will expire and new ones will need to be created. To do this with match, you need to log in to the [Developer Portal](https://developer.apple.com/account/resources/certificates/list) with the necessary permissions and remove the **provisioning profiles** (you don't have to remove the certificates) for the application. Then, you need to clone the match repo, and remove the files at the paths /certs/development and /certs/distribution, commit on master, and push to the remote. Next, from this application run the following commands: - `cd ios` - `bundle exec fastlane develop_certificates readonly:false` - `bundle exec fastlane appstore_certificates readonly:false` - `cd ..` These will create new certificates and provisioning profiles, commit them to the match repo and upload them to the Developer Portal. After this, go to the [Developer Portal](https://developer.apple.com/account/resources/certificates/list), and check that your certificates and provisioning profiles have in fact been created as expected.