skillmd.
Methodologygeneric

asc-signing-setup

Set up bundle IDs, capabilities, signing certificates, provisioning profiles, and encrypted signing sync with the asc cli. Use when onboarding a new app, rotating signing assets, or sharing them across a team.

rudrankriyam/app-store-connect-cli-skills
View source

Install

npx skills add https://github.com/rudrankriyam/app-store-connect-cli-skills --skill asc-signing-setup

Use with your agent

ClaudeCursorOpenAIGemini

Install the asc-signing-setup skill, then use it as build context. Run: npx skills add https://github.com/rudrankriyam/app-store-connect-cli-skills --skill asc-signing-setup. Then read the installed skill.md and follow its guidance to build or refactor my project.

asc signing setup

Use this skill when you need to create or renew signing assets for iOS/macOS apps.

Preconditions

  • Auth is configured (asc auth login or ASC_* env vars).
  • You know the bundle identifier and target platform.
  • You have a CSR file for certificate creation.

Workflow

  1. Create or find the bundle ID:
    • asc bundle-ids list --paginate
    • asc bundle-ids create --identifier "com.example.app" --name "Example" --platform IOS
  2. Configure bundle ID capabilities:
    • asc bundle-ids capabilities list --bundle "BUNDLE_ID"
    • asc bundle-ids capabilities add --bundle "BUNDLE_ID" --capability ICLOUD
    • Add capability settings when required:
      • --settings '[{"key":"ICLOUD_VERSION","options":[{"key":"XCODE_13","enabled":true}]}]'
  3. Create a signing certificate:
    • asc certificates list --certificate-type IOS_DISTRIBUTION
    • asc certificates create --certificate-type IOS_DISTRIBUTION --csr "./cert.csr"
  4. Create a provisioning profile:
    • asc profiles create --name "AppStore Profile" --profile-type IOS_APP_STORE --bundle "BUNDLE_ID" --certificate "CERT_ID"
    • Include devices for development/ad-hoc:
      • asc profiles create --name "Dev Profile" --profile-type IOS_APP_DEVELOPMENT --bundle "BUNDLE_ID" --certificate "CERT_ID" --device "DEVICE_ID"
  5. Download the profile:
    • asc profiles download --id "PROFILE_ID" --output "./profiles/AppStore.mobileprovision"

Rotation and cleanup

  • Revoke old certificates:
    • asc certificates revoke --id "CERT_ID" --confirm
  • Delete old profiles:
    • asc profiles delete --id "PROFILE_ID" --confirm

Shared team storage with asc signing sync

Use this when you want a lightweight, non-interactive alternative to fastlane match for encrypted git-backed certificate/profile storage.

# Push current ASC signing assets into an encrypted git repo
asc signing sync push \
  --bundle-id "com.example.app" \
  --profile-type IOS_APP_STORE \
  --repo "[email protected]:team/certs.git" \
  --password "$MATCH_PASSWORD"

# Pull and decrypt them into a local directory
asc signing sync pull \
  --repo "[email protected]:team/certs.git" \
  --password "$MATCH_PASSWORD" \
  --output-dir "./signing"

Notes:

  • --password falls back to ASC_MATCH_PASSWORD.
  • The encrypted repo follows a familiar match-style git layout for certs and profiles.
  • pull writes files to disk; keychain import or profile installation is a separate step.

Notes

  • Always check --help for the exact enum values (certificate types, profile types).
  • Use --paginate for large accounts.
  • --certificate accepts comma-separated IDs when multiple certificates are required.
  • Device management uses asc devices commands (UDID required).