Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

missing private key in the distribution certificate on keychain

People also ask

How do I get a private key for Apple distribution certificate?

Click on "Certificates" under the "iOS Apps" section. Expand the Certificates section on the left, select Distribution, and click on your distribution certificate. Click Revoke and follow the instructions. Click on the plus sign to add a new certificate.

How do I get my certificate private key?

On Windows servers, the OS manages your certificate files for you in a hidden folder, but you can retrieve the private key by exporting a “. pfx” file that contains the certificate(s) and private key. Open Microsoft Management Console (MMC). In the Console Root expand Certificates (Local Computer).

What is a private key in keychain?

A private key, also known as a secret key, is a variable in cryptography that is used with an algorithm to encrypt and decrypt data. Secret keys should only be shared with the key's generator or parties authorized to decrypt the data.


enter image description hereAhh this is a common issue, The solution is simple:

Who ever created the developer credentials originally needs to go to the keychain on their computer and right click on the key(s) for private and public and export the key to a file. Then you just download that file on your computer and open it, and it will be added to your keychain.

You need to have both the private key (.pem file) and the certificate for your provisioning profiles.


As long as you still have access to the mac which was used to generate the original distribution certificate it's very simple.

Just use that mac's Keychain Access application to export both the certificate and the private key. Select both using shift or command and right click to export to a .p12 file.

Attached a screenshot to make it very clear.

On your mac, import that .p12 file and you are good to go (just make sure you have a valid provisioning profile).

Just choose export


To add on to others' answers, if you don't have access to that private key anymore it's fairly simple to get back up and running:

  1. revoke your active certificate in the provisioning portal
  2. create new developer certificate (keychain access/.../request for csr...etc.)
  3. download and install a new certificate
  4. create a new provisioning profile for existing app id (on provisioning portal)
  5. download and install new provisioning profile and in the build, settings set the appropriate code signing identities

Delete the existing one from KeyChain, get and add the .p12 file to your mac from where the certificate was created.

To get .p12 from source Mac, go to KeyChain, expand the certificate, select both and export 2 items. This will save .p12 file in your location:

enter image description here


For person who are afraid on re-creating AppStore distribution certificate Apple documentation says:

Important: Re-creating your development or distribution certificates doesn’t affect apps that you’ve submitted to the App Store nor does it affect your ability to update them.

But it affects apps for Apple Developer Enterprise ecosystem.


In my case, I've lost all private keys in my keychain, new ones were imported correctly, but doesn't show the private key as well. The only thing that helped was generating new CertificateSigningRequest


I lost hours and hours to resolve this issue, but it's fixed by just restarting MAC...