Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Set of scripts to manage provisioning profiles, either locally or through the Apple developer center web site.
branch: master

This branch is 25 commits behind lacostej:master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.


What is this?

This is a set of scripts written in Ruby used to manage provisioning profiles and certificates either locally or through the Apple developer portal.

The project also contains a few scripts related to managing the provisioning profiles in xcode

They are used in continuous integration environments (for example using Jenkins) to update, compile & validate iOS (or Unity3d projects.

required dependencies

to manipulate provisioning profiles, you will need plist and json to access the Apple development center site, you will need mechanize >= 2.2 and encrypted_strings


$ ruby ./mobileprovisioning.rb 65RAGE----.mobileprovision -d -O plist.xml
$ tail plist.xml
$ ruby ./mobileprovisioning.rb 65RAGE----.mobileprovision -d UUID
$ ruby ./mobileprovisioning.rb 65RAGE----.mobileprovision -t
$ ruby ./mobileprovisioning.rb 65RAGE----.mobileprovision -d Name
TestFlight WWTK All Projects


$ ./apple_dev_center.rb -u -p xxxxxxx -d devcenter -O devcenter/site.json
$ ls devcenter/
A7D868EA-B1F3-4280-BD01-464653A-----.mobileprovision site.json DL29------.cer
$ prettyprint devcenter/site.json
            "profile":"TestFlight XXXX All Projects",
            "exp_date":"Jan 22, 2013"
    "profiles": [
            "name": "iOS Team Provisioning Profile: *",
            "type": "development",
            "appid": "D7NQRK----.*",
            "uuid": "A7D868EA-B1F3-4280-BD01-464653A-----",
            "statusXcode": "Active"
    "devices": [
            "name": "------- iPad 2 Wi-Fi",
            "udid": "96b9d40cdc20417928dd71c4a0cc03----------"

storing the password (encrypted in a configuration file instead)

If you don't want to have your password on the command line (so that it doesn't appear in log files), you can generate a config file

$ ./generate_apple_dev_center_config.rb YourSecretPassword "an optional seed key" > /path/to/config/apple_dev_center.config
$ cat /path/to/config/apple_dev_center.config
- password: l1/ChJtwxlmDnav8D4dZafRi6NOdme4Z

then use the apple_dev_center script as following:

# to avoid having to place password information on the command line
$ ./apple_dev_center.rb -u -C /path/to/config/apple_dev_center.config -S "an optional seed key" -d
# or to pick the default account and an empty secret key
$ ./apple_dev_center.rb -C /path/to/config/apple_dev_center.config -d

use with Jenkins

in a CI environment, you will probably want to avoid printing out the password and use the config. I like the build secrets plugin to be able to send that to any slave.

here's a useful step by step job configuration

  1. generate your config file

    ./generate_apple_dev_center_config.rb YourSecretPassword "an optional seed key" > your_apple_dev_center.config
    zip your_apple_dev_center.config
  2. a build step with the build secrets plugin in which you attach to a environement variable a zip file containing your config:

  3. a shell script that creates an file containing the site.json and related provisioning profiles

    mkdir -p adc
    rm -f adc/*
    ruby ./apple_dev_center.rb -C $APPLE_DEV_CENTER_CONFIG/your_apple_dev_center.config -S "an optional seed key" -u -d -O adc/site.json
    zip -r adc/
  4. [optional] archive the artifact, deploy it on a common place, etc

Technical information

Provisioning profiles are PKCS7 signed messages. The message itself is an XML plist. The script extracts the plist.


I am considering the following improvements

  • extract out the password storage functionality into an reusable encrypted password store for use by ruby scripts (in CI environments)
  • package the ruby scripts into libs and a gem to ease installation and update
  • add some functions to upload devices or sync an externally managed list of devices onto the apple developer center


Question & feedback:

Links where I got some tips for parsing provisioning profiles where I got some tips for downloading data from Apple developer center

Something went wrong with that request. Please try again.