Menu
i have following problem:
i have these files
developer_identity.cer
Team_Provisioning_Profile_.mobileprovision
In order to package adobe flex mobile application for iOS, i need to convert my .cer certificate into .p12 format. Following this tutorial on help.adobe.com i always get this problem when executing last openssl command:
"no certificate matches private key
error in pkcs12"
From what i understand i need somehow to get private key, that was used to create the certificate (do i understand this well??). How do i get the private key mykey.key if i only have .cer and .mobileprovision files mentioned above?
809
Convert the developer certificate file you receive from Apple into a PEM certificate file. Run the following command-line statement from the OpenSSL bin directory: If you are using the private key from the keychain on a Mac computer, convert it into a PEM key:
If you are using the private key from the keychain on a Mac computer, convert it into a PEM key: You can now generate a valid P12 file, based on the key and the PEM version of the iPhone developer certificate: If you are using a key from the Mac OS keychain, use the PEM version you generated in the previous step.
The .cer does not contain your private key and you cannot generate your .p12 file from it. You have to export them both at the same time from keychain. If you only have the .cer file, it's useless and you will have to create a new private key and certificate pair. Not sure you can get your private key if you lost it.
The certificate is public and often stored in an unencrypted .pem file. The key is private and often stored in the Keychain or an encrypted .p12 file. You can ask Apple for a new signing certificate, using a new private key and CSR. This does not require administrator access or access to the existing Keychain.
OpenSSL says no certificate matches private key when the certificate is DER-encoded. Just change it to PEM encoding before creating the PKCS#12.
Create key pair :
openssl genrsa -out aps_development.key 2048
Create CSR : openssl req -new -sha256 -key aps_development.key -out aps_development.csr
Upload the CSR to developer portal to get the certificate aps_development.cer
Convert the certificate: openssl x509 -inform DER -outform PEM -in aps_development.cer -out aps_development.pem
Build the PKCS#12: openssl pkcs12 -inkey aps_development.key -in aps_development.pem -export -out aps_development.p12
59
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
