Xcode – CLI: Switch keychains in order to sign an xcodebuild

I am trying to switch on a certain keychain, and close another one.
I need this because our enterprise & appstore identities are called the same.

Right now, I do a "security unlock-keychain" followed by a "security default-keychain" to open the correct keychain and do a "security lock-keychain" on the keychain I wish not to use.

But xcodebuild still sees the entries in both keychains and gives up.

iPhone Distribution: Company name.: ambiguous (matches "iPhone Distribution: Company name." in /Users/user/Library/Keychains/login.keychain and "iPhone Distribution: Company name" in /Users/user/Library/Keychains/enterprise.keychain)

How do I prevent the system from finding the entry in the keychain that I lock?

Best Answer

You can tell Xcode which keychain to use:

xcodebuild "OTHER_CODE_SIGN_FLAGS=--keychain '$PATH_TO_KEYCHAIN'"

Or, if you call codesign directly:

codesign --keychain "$PATH_TO_KEYCHAIN"

If you use PackageApplication, there isn't a way to set this. However, PackageApplication is a pretty simple script that can be reimplemented if necessary (very useful if you're integrating with a larger system/script).

Best Answer

Related Solutions

Iphone – How to add authorizations to code sign an app from new keychain without any human interaction

Related Topic