Menu
For aesthetic reasons, I would like to use the same private key that I used to create my distribution certificate a while ago, to create a new development certificate (my old one expired). But the "How to create a development certificate:" on the iOS provisioning portal require that you use Keychain Access create a new key. When I try to do Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority With "(my key name)" the Certificate Assistant doesn't actually create a CSR file.
Does anyone know if this can be done, and if so, how?
751
Create a certificate signing request Choose Keychain Access > Certificate Assistant > Request a Certificate from a Certificate Authority. In the Certificate Assistant dialog, enter an email address in the User Email Address field. In the Common Name field, enter a name for the key (for example, Sarunw Dist Key).
Click on "Certificates" under the "iOS Apps" section. Expand the Certificates section on the left, select Distribution, and click on your distribution certificate. Click Revoke and follow the instructions. Click on the plus sign to add a new certificate.
Click Apple Push Certificates portal. In the new tab, sign in to the Apple portal with the Apple ID and password you used when you created the certificate. Next to the certificate you want to renew, click Renew and accept the terms of use.
If your certificate is revoked, your passes will no longer function properly. If your Apple Developer Program membership is valid, your existing apps on the App Store won't be affected. However, you'll no longer be able to upload new apps or updates signed with the expired or revoked certificate to the App Store.
First, I had to export my private key from the keychain as a p12 file. I tried scripting this, but was unsuccessful.
Run the following openssl command to convert your password-protected p12 file to a pem. openssl will prompt for a password.
openssl pkcs12 -in your-newly-exported-p12-file.p12 -out your-newly-exported-p12-file-as-a-pem.pem -nodes Run the following command on your pem file to generate the csr.
openssl req -new -key your-newly-exported-p12-file-as-a-pem.pem -out your-csr-to-submit-to-apple.csr To generate a CSR from an existing Private Key in Keychain Access, just right-click (two-finger click) on the Private Key you want to use and choose REQUEST A CERTIFICATE FROM A CERTIFICATE AUTHORITY WITH "(My Key Name)"
Then enter the User Email Address and CA Email Address (I just use the same email address for both) and then choose Saved To Disk.
25
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
