Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to create a private key for iPhone Distribution Certificate?

In iPhone Developer Program Portal, there's a video to demonstrate how to create a development certificate and assign a private key

Now I have finished the development process and starting to distribute

I have created a "Distribution Certificate", but how do I assign a private key to this certificate?

As it got the "CodeSign error: code signing identity '...' does not match any code-signing certificate in your keychain" when compiles

It will be glad to let me now if I need to assign a private key to the distribution cert and how.

Please be noticed that I am NOT talking about development certificate here, thanks.

like image 444
Unreality Avatar asked Mar 27 '09 07:03

Unreality


People also ask

How do I get a private key for Apple distribution certificate?

Click on the plus sign to add a new certificate. Select "App Store and Ad Hoc" option, and click Continue. Follow the steps printed in the webpage. That involves opening the Keychain application on your Mac and generate a Certificate Signing Request from there.

How do I add a private key to my certificate?

Assign the existing private key to a new certificate Sign in to the computer that issued the certificate request by using an account that has administrative permissions. Select Start, select Run, type mmc, and then select OK. On the File menu, select Add/Remove Snap-in. In the Add/Remove Snap-in dialog box, select Add.


2 Answers

As no one has updated or answered this question since Nathan pointed out the original answer link is unavailable (Point number one on posting on stackoverflow "Please be sure to answer the question") here is an answer from my experiance, hope it helps someone:

For this specific question (Dev/Distribution cert installed but no private key) the answer is a choice of 2 alternatives:

1. Create a new certificate identity via the apple devloper portal In this case you'll need to log into the apple developer portal and use the assistant, as part of this you will need to create and upload a CSR (Certificate Signing Request) which will also create the public and private keys on the machine. Apple sign the request and voila, a signed public/private certificate pair : Reference

2. Export the private key from the machine originally used to create the Certificate This case is when your signing with an identity previously created, probably on an old machine or if (as in my case) your developing for a client that has their ID's already created. If you can't access the machine originally used to create the certificate identity you'll have to create a new identity as per the guide/assistant.

To do this, you will need to export your private key (a .p12 file), or public/private key pair via Keychain Access, and install the private key or key pair to the machine your developing on. Here's a guide I found on stackoverflow.

Ref: http://iphonedevsdk.com/forum/iphone-sdk-development/11498-problems-exporting-importing-p12-private-key-for-developing-on-another-mac.html

PS> Be warned, I am performing the latter option right now, and while evidence suggests this will work, it is untested by me as of yet, If if doesn't work I will re-reply!

like image 146
Danny Walker Avatar answered Sep 29 '22 16:09

Danny Walker


Read the Maintain Signing Assets section of the Xcode Help site. It explains step-by-step what you will need to do, in the correct order.

Before you can code sign your app, you create your development certificate and later, a distribution certificate to upload your app to iTunes Connect. You can create all the types of certificates and signing identities you need using Xcode. Xcode creates, downloads, and installs your signing identities for you.

All team members can create their own development certificate. Only a team agent or admin can create a distribution certificate. Only a team agent can create a Developer ID certificate. If you have an organization membership, read Managing Your Team in Member Center for a description of team roles and tasks that team agents perform on behalf of team members.

Xcode creates your development certificate for you when you need it. For example, when you assign your project to a team or create the team provisioning profile, as described in Configuring Identity and Team Settings, Xcode creates your development certificate and adds it to the team provisioning profile. Because of this, you typically create distribution certificates using the Xcode Preferences window.

To create a signing identity

  1. In the Xcode Preferences window, click Accounts.

  2. Select the team you want to use, and click View Details.

  3. In the dialog that appears, click the Create button in the row of the type of certificate you want to create.

    If the Create button is disabled, you are not allowed to create that type of signing identity. For a description of each type of certificate, refer to Table 14-2.

    After the signing identity is created, the Create button disappears.

  4. To return to Accounts preferences, click Done.

like image 37
Alex Reynolds Avatar answered Sep 29 '22 14:09

Alex Reynolds