HexSign - Apple code signing vault, dashboard and CLI

Hi 👋

I'm Ash, the maker of HexSign. I've led Mobile CI/CD platforms running thousands of builds a day, and code signing was a recurring battle.

HexSign started with a problem every iOS team eventually hits: Apple code signing is a mess to manage. Certificates and .p12 files end up living in git, in a shared Dropbox, or in a 1Password vault someone has to remember to update. fastlane match works, but committing encrypted secrets always felt wrong. And nobody notices a certificate is about to expire until a release build fails at the worst possible moment.

HexSign is the tool I wanted instead:

• Automatic renewal: HexSign renews your certificates and provisioning profiles before they expire, completely hands-off. An expired cert never breaks your CI again.

• A secure, encrypted vault for certificates and provisioning profiles, so they never have to live in git again.

• A dashboard that shows every certificate, profile and app, and how they depend on each other, so you can see what breaks before it breaks.

• A CLI that runs the same way locally and in CI — GitHub Actions, GitLab, Bitrise, CircleCI, or any shell with integrations for fastlane too.

It works across multiple Apple Developer accounts, which is where the Developer Portal really starts to hurt.

HexSign is freemium, there's a free tier to try it on a real project and Growth & Team for teams.

For Product Hunt: use code PRODUCTHUNT for 3 months of Growth and Team plans on us.

I'd genuinely love your feedback, especially from anyone who has fought with code signing in CI. What still hurts? What would make this a no-brainer for your team? I'll be here all day answering everything.

Thanks for taking a look 🙏

awesome! Managing certs is a pain in the b*** for my indie apps. keen to try it out