I've removed all development and installer certificates from the development portal, created a new CSR and generated new Application and Installer certificates.
Now I'm about to distribute the App to the MAS and am constantly presented with this error:
"Name" is a valid identity. However, the private key for the associated package
identity "Name" is not installed on this Mac.
Developer Profiles from a different Mac can be imported.
This puzzles me, since the private key is on the System, how else could I've generated the certificates without them?
Double check you have removed all old certs, there is a menu item in the KeyChain app to show all expired certs. I threw away all expired certs and things started working.
Got it working:
Created a new user account on my Mac
Cloned the repo there
Removed all Provisioning Profiles and Certificates from the Dev Portal
Let Xcode generate all the Certificates for you
Upload works!
The problem is Mac Installer Distribution certificate.
The easiest way to have everything fixed and loose all the troubles just go to Xcode->Window->Organizer->Devices and then on the lower right corner press on Refresh and log in with your account... xcode will generate and download all the certificates and provisioning profiles needed.
I followed the instructions and deleted all expired certificates from the keychain and refreshed the profiles list within the organizer. How ever the error only vanished after I restarted Xcode.
Related
On a new mac, I installed xcode and needed to set up provisioning for a hello-world project to deploy to my iPad.
NOTE: I am using the new FREE provisioning (do not have a paid Apple account)
I went to Preferences/Account signed in to my Apple account
In the project, General tab, Team is set to my (free) Apple Dev account. (all seemed well, it recognized this as valid)
I tried to deploy to the iPad and I got a build error "codesign failed with exit code 1"
Supposedly this is to do with certificates. I went to Keychain Access and found "iPhone Developer: my#email.com (...)" in there, which was added when I signed in via my Apple Account.
I DELETED this key (thinking I would simply re-add my Apple Account and thus this key)
I then removed and re-added my Apple account from xcode preferences
I can sign-in, I can see it adds keys, and Keychain Access Get Info on the keys indicates no issues (valid, etc)
In xcode Preferences, when I click Manage Certificates, it shows "David's MacBook Pro (2)" and a bunch of "Untitled" keys ALL of which have a status of "Missing Private Key".
xcode/General/Status section says "The username or passphrase you entered is not correct" even though my "Team" is signed in and valid
Clicking "Try Again" shows "Waiting to repair", followed by "revoking...", followed by "Generating certificates" - which sounds promising, like it's doing exactly what I need, but then fails, private keys still missing, and back to step 9 here in a loop of hell.
ok? How do I get this resolved without flattening my OS back to factory and starting completely over?
Note: there are resolutions on SO that talk about Revoking the keys and generating new private keys from the Dev Console, like this one:
How can I add private key to the distribution certificate?
HOWEVER, on a "free" account I have NO access to the Certificates section! I can't manage anything from the Dev portal online. I do, however, see xcode specifically set up to handle certs (see step 9-10 above) but it is not working. I really don't know where to go from here. I'm new to all things Mac and iOS and xcode. Frustrated. Thanks Apple, so much for a simple on-boarding experience on a simple hello-world app.
After two bounties for this question which gave no results, I managed to find a solution to this problem.
Apparently, it was some keychain related problem.
To fix it:
Open Keychain Access on your Mac.
Right click on the "login" keychain in the left side of the window.
Press Lock keychain "login".
Then do the same to Unlock it.
Go back to Xcode and try to set your app to run with your personal account.
Solution was found using the first comment here:
https://github.com/desktop/desktop/issues/3625
I had this error and it occurred because I had moved to a new Macbook. Although there was a provisioning profile on our Apple account and it was not expired, the private key was on the old Macbook. So downloading and installing the profile did not help, as it was the private key that was missing. I revoked the provisioning profile and created a new one. I had the same issue for the distribution certificate.
If you are concerned whether revoking and creating new certificates/profiles will affect existing deployed applications, take a look at this question and the answers. The bottom line is, for applications on the app store it will have no affect, but for Enterprise Distributions, deployed applications will stop working if you revoke the provisioning profile. So if the application is on an Enterprise Account, then it is best to try find the private key in the keychain of the Macbook where it was created.
I am trying to submit my app to iTunes Connect. I have submitted it before(TestFlight) but at some point my certificates have stopped working. I have tried to renew them with 2 different approaches without any success.
Approach 1: In XCode I get the error that says that the developer profile already has a distribution certificate and suggest me resetting it. Resetting results in the same pop up window so this goes into a loop and does not work.
Approach 2: If I create the certificates and profiles manually in developer portal the archiving process only works if I select the correct identities in the build settings, otherwise the build fails and XCode says that it can not find code signing identities. But I cannot submit the archive because the following error occurs:
I have also tried exporting the .ipa from the archive(to upload it with Application loader) but this does not find the signing identities as well with the same error:
So now I am trying to go the suggested route where XCode is supposed to do all the work for me.(https://developer.apple.com/library/ios/qa/qa1814/_index.html) For a clean slate I have deleted all certificates, key-pairs and provisioning profiles from my mac and developer center.
I have removed all relevant keypairs and certificates from keychain. I have deleted all the provisioning profiles from my mac. I have also deleted all certificates and profiles from the developer site. I have also deleted and re-added the developer account in XCode settings.
I set the project's build settings:
I also set the team in general tab.
Now I guess XCode is supposed to fix my signing issues but after I press fix issues below the team option in general tab
I still go to the reset development/distribution certificate loop.
One thing I notice is that XCode does generate a key-pair to the keychain but not the certificate.
How can I upload my app to iTunes Connect with or without these problems?
Im using XCode 7.2 and this is a Unity3D app.
I have removed all relevant keypairs and certificates from keychain
Okay, but that is what Xcode is complaining about (each time it says "but it is not installed locally" in all the messages you have displayed). You need the private/public certificate pairs in your keychain. If you deleted the private half of the certificates, that is a huge mistake, because you can never restore it (Apple does not have it — it is private). You now will probably have to start all over again by throwing away absolutely everything — all certificates, all provisioning — both locally and at the member center, and beginning from scratch.
This can be done, but it is not trivial, because if you launch Xcode while any remnant remains, Xcode will try to install the certificate back into your keychain. To do it, you would need to delete everything from the keychain, mobile provisions folder, and member center, with Xcode not running.
I managed to upload the package by extracting the .ipa from the archive with
xcodebuild -exportArchive -exportFormat ipa -archivePath {path-to-xcarchive} -exportProvisioningProfile {“profile name”} -exportPath ~/Desktop/MyApp.ipa
and then uploading it with Application Loader.
I can't create a signing identity from Xcode for Developer ID Application.
Xcodeshows the Reset button and clicking that Reset button simply opens developer.apple.com
I have tried creating a new Developer ID Application certificate from the developer.apple.com website and installed it in Keychain Access but Xcode still shows the Reset button. I've tried removing all the previous Developer ID certificates and public and private keys from Keychain Access but the button still says Reset instead of Create.
I've tried installing Xcode on another Mac and when clicking the Create button for Developer ID Application I get a popup saying:
Your account already has a valid Developer ID Application certificate
but it is not installed locally
and then Xcode crashes.
Therefore I ended up with multiple Developer ID Application certificates created in my account but I can't use any of them.
Is there any way to remove those Developer ID application certificates from my developer account and start fresh?
Hopefully this will make Xcode show the "Create" button instead of "Reset" on my Mac.
This is Xcode 7.1.1 on OSX 10.11.1
Any help is highly appreciated.
I had the same problem. And never resolved the fact that the date on the new certificate ending in 2019 and the one that kept showing up, and I kept deleting had 2017. Finally, With Developer ID chosen I switched from my team name to "none." a dialogue came up asking me to ID myself. So I chose my team name in the dialogue. Then everything worked!
If you want to delete them you can do that by clicking on whichever certificate you want to delete and then clicking revoke. At that point if you still have any certificates in your keychain access, delete those as well. From there create a new certificate try downloading it and opening it to add it to your keychain and then seeing if it works in Xcode.
The Private Key for a Developer ID Certificate Is Missing
Optionally, contact Apple at product-security#apple.com if you need to revoke Developer ID certificates. Alternatively, you can continue to develop and distribute apps by creating additional Developer ID certificates, as described in Creating Additional Developer ID Certificates.
https://developer.apple.com/library/ios/documentation/IDEs/Conceptual/AppDistributionGuide/Troubleshooting/Troubleshooting.html
I have an app that is ready for testing on my iPad, and I've created a development provisioning profile, matched up the bundleID and lowered the iOS deployment target.
However when I downloaded the profile and dragged it into the organizer, it says 'Valid signing identity not found'. I'm pretty sure this has got to do with the certificates in the keychain and private keys (???) however I have no idea how to fix this problem.
Can someone please point me to a tutorial or give me some advice on adding certificates into the keychain without using Xcode; stuff like the 'use for development' button isn't working for me!
Note:
The only valid Provisioning Profiles are distribution.
When I try to click 'Renew' Xcode says 'No value was provided for the parameter 'CertificateIDs'. I hope this helps!
The .p12 file associated with your provisioning profile is not found in your system keychain.
Check the below few things!
Make sure you have enabled the correct certificate while generating the provisioning profile in the apple developer site.
Check if you have any duplicates of the your certificate & private key more than once in your keychain access.
If you do not have the .p12 corresponding to the provisioning profile, Get it exported from the mac system on which it was created & install it in your mac system.
Check your code signing identity set your profile there.
and your Provisioning profile bundle id is same as your app bundle identifier.
To do a valid code-signing - without using XCode - you need a valid certificate and key, corresponding to the provisioning profile :
check with Keychain Access that you indeed have a 'iPhone distribution' certificate, with its own private key.
Make sure this is the same certificate that was used on 'provisioning portal' to create you developement / distribution profile. If not, create a new one, or import the certificate from the other Mac you used when you created the provisioning
Download the provisioning profile, and just double-click it.
Posting this here because none of the other answers really went into enough detail to help me and I still had to figure it out on my own.
On the apple developer website, log in and under certificates click 'All'. The certificate needs to be generated on YOUR machine and with YOUR account or things do not build. This is what confused me... You can click the + icon and make a new certificate (development, or distribution). If it does not let you select for example Distribution, it's because there are already too many certificates in the account. So first, you have to delete an older certificate.
1) Delete the oldest certificate in the portal
2) Click the + and create a new certificate -- this will guide you through opening Keychain Access on your machine and requesting a certificate from apple, and you will have to save a file and upload it to the developer portal to create the certificate.
3) Download the new certificate and it will add to Keychain access
4) Go back to provisioning profiles on dev portal, click EDIT on the one you are trying to use and change it to use the newly generated certificate.
5) Download and click the provisioning profile
6) Everything works great.
This process actually was not that difficult, but for some reason I could not find the correct explanation anywhere. I hope this will help someone.
I had the same issue. I did have all the private keys and everything was correct, but xcode refused to build and kept saying that I didn't have a valid provisioning profile and organiser showed 'valid signing identity not found'.
The solution involved:
revoking my developer certificate and development provisioning profiles from the ios provisioning portal
deleting those certificates from keychain
try building again and tell xcode to 'fix issue'
This lets XCode manage the certificates, and it magically worked.
However on another project I still had the problem, and it was solved by this answer:
https://stackoverflow.com/a/18966088/1192732
So: I got a new Mac. I went to the developer provisioning portal, then revoked my certificate. I created a new one.
Now whenever I open XCode it complains that I have duplicate developer certificates. And yes, when I check with Keychain, there are two. I then delete the oldest one, but XCode is apparently very much in love with the old one: It keeps recreating it.
What to do?
Answer here:
Xcode could not find a valid private certificate/valid key-pair for this profile in your keychain
Short version: Delete all certificates from your keychain. Delete all provisioning from XCode via the Organizer. Request and generate new certificates in the iOS provisioning portal. Download the new provisions and import them into XCode by doubleclicking. FInally, go to your project and make sure that the right signing is selected, just to make sure.