Apple distribution certificate missing private key

How do I fix «Missing Private Key» for xcode apple provisioning?

On a new mac, I installed xcode and needed to set up provisioning for a hello-world project to deploy to my iPad.

NOTE: I am using the new FREE provisioning (do not have a paid Apple account)

1. I went to Preferences/Account signed in to my Apple account
2. In the project, General tab, Team is set to my (free) Apple Dev account. (all seemed well, it recognized this as valid)
3. I tried to deploy to the iPad and I got a build error «codesign failed with exit code 1«
4. Supposedly this is to do with certificates. I went to Keychain Access and found «iPhone Developer: my@email.com (. )» in there, which was added when I signed in via my Apple Account.
5. I DELETED this key (thinking I would simply re-add my Apple Account and thus this key)
6. I then removed and re-added my Apple account from xcode preferences
7. I can sign-in, I can see it adds keys, and Keychain Access Get Info on the keys indicates no issues (valid, etc)
8. In xcode Preferences, when I click Manage Certificates, it shows «David’s MacBook Pro (2)» and a bunch of «Untitled» keys ALL of which have a status of «Missing Private Key«.
9. xcode/General/Status section says «The username or passphrase you entered is not correct» even though my «Team» is signed in and valid
10. Clicking «Try Again» shows «Waiting to repair», followed by «revoking. «, followed by «Generating certificates» — which sounds promising, like it’s doing exactly what I need, but then fails, private keys still missing, and back to step 9 here in a loop of hell.

ok? How do I get this resolved without flattening my OS back to factory and starting completely over?

Note: there are resolutions on SO that talk about Revoking the keys and generating new private keys from the Dev Console, like this one: How can I add private key to the distribution certificate?

HOWEVER, on a «free» account I have NO access to the Certificates section! I can’t manage anything from the Dev portal online. I do, however, see xcode specifically set up to handle certs (see step 9-10 above) but it is not working. I really don’t know where to go from here. I’m new to all things Mac and iOS and xcode. Frustrated. Thanks Apple, so much for a simple on-boarding experience on a simple hello-world app.

Источник

Private key for signing certificate iPhone Distribution is missing-without creating new Production certificate and profile

I changed my Mac and when I opened my Xcode project after installing Production certificate and Provisioning Profile, it is showing:

Provisioning profile «MyProfile» doesn’t include any certificate for which the matching private key is installed in the keychain.

One important thing is I cannot create production certificate or profile, without creating new production certificate and profile can we solve this?

2 Answers 2

It’s not going to hurt anything to generate a new certificates & profiles. The existing app will continue to run and be sold just fine in the store.

If you’re the sole dev of the project, I’d just turn on automatic code signing in Xcode.

If you’re not, you could potentially have another dev export the cert you’re missing and not have to recreate them.

For code signing an iOS app, you need 3 things:

1. iOS development or distribution certificate
2. iOS development or distribution provisioning profile (that is set up for use with the cert above)
3. private key (the private key goes in your key chain and was used to generate the certificate above).

Apple does not store the private key, not should they. That is something you need to keep and protect as it allows you to prove that you are the rightful developer who can sign an app as you. Do not share the private key.

If you lose the private key, the only way to sign an iOS application is to create a new new private key, generate a new certificate and provisioning profile, and use those to sign your app.

If you can still log into the old Mac, you should be able to go into the Keychain Access app and find the certificate (and associated private key) from your old account and import them on the new machine.

If you do not have an iOS role that allows you to create the certificate and provisioning profile, you will need to get the person who has that access to create those for you, and then send you the privite key. You can download the cert and profile from Apple’s dev site after they have created them.

Источник

ios development/distribution certificate — missing private key

I accidentally deleted private keys and my iOS certificates from the keychain Access.

So i revoked my certificates from the iOS member center and creates new ones (with new CSR) plus new provisioning profile for my app and downloaded them.

in Xcode when i try to sign the app with the new provisioning profile its marked as ineligible and my new certificate is missing private key.

Any idea to fix this problem can i match a private key manually ?

1 Answer 1

I probably screwed up the Keychain Access on my MacBook when I accidentally deleted some of the items from there. I was not able to create the archive (.ipa) for ad-hoc distribution purpose because the certificates were not error-free (were not trusted, in red text). I repeated the steps without success — such as clicking «Request a Certificate from Certificate Authority» and creating new development and distribution certificates/profiles, deleting files from /Library/MobileDevice/Provisioning Profiles folder, /Users/owner/Library/Developer/Xcode/DerivedData folder.

(1) deleted all the keys and certificates that I had created before,

(2) downloaded the «Intermediate Signing Certificate» by clicking the link (see below), and double clicked this certificate to install it on the login keychain,

(3) I then followed the normal steps (i.e. clicking «Request a Certificate from Certificate Authority», then using this to create new development and distribution certificates, and then corresponding provisional profiles from my developer portal).

Now the certificates are free from errors (now have green check marks on the Keychain). I can now successfully make the archive (.ipa file) for distribution. Hope this helps.

Источник

How can I add private key to the distribution certificate?

Well, I’ve got my Developer Certificate linked with it’s private key. Works Fine.

I’ve downloaded my iOS Profile of distributor, but it says Valid signing identity not found.

So I checked my certificates, and exactly, my developer certificate it’s linked with its private key but not my distribution certificate. How can I link/add my private keys to this certificate!?

Will this solve the problem «Valid Signing identity not found»?

10 Answers 10

Yes, the error you are getting means that there is not a private key on your Mac associated with the distribution certificate you are trying to use to sign the app.

There are two possible solutions, depending on whether the computer who requested the distribution certificate is available or not.

If the computer who requested the distribution certificate is available (or there is a backup of the distribution assets somewhere)

1. From the computer where the distribution asset was generated, open Xcode.
2. Click on Window, Organizer.
3. Expand the Teams section.
4. Select your team, select the certificate of «iOS Distribution» type, click Export and follow the instructions.
5. Save the exported file and go to your computer.
6. Repeat steps 1-3.
7. Click Import and select the file you exported before.

If the computer where the distribution profile was created is not accessible anymore (and there is not a backup)

You have to revoke the certificate and create a new one.

You may need to ask your team admin or agent to give you some privileges in order to generate distribution certificates. Once you have enough privileges, follow these steps (accurate as of 15-May-2013):

Источник

Distribution certificate / private key not installed

Using Xcode 9.1, after building an iOS app, I want to archive it and upload it to the appStore for beta-testing. But I get the following issue after clicking the button Upload to the App Store. and choosing Automatically manage signing :

«My Name» has one iOS Distribution certificate but its private key is not installed. Contact the creator of this certificate to get a copy of the private key.

I do not know why this «private key is not installed», but the Distribution certificate may have been created on a different computer or something. In any case:

What is the simplest way to retrieve the missing private key and install it? In order to make things work.

19 Answers 19

Up to date (January 2021) (Xcode 10 — 12)

1. Go to Xcode — Preferences — Accounts — Manage Certificates
2. Click on the + at the bottom left, then Apple Distribution
3. Wait a little, then click Done

That’s all. You may want to revoke the old certificate on developer.apple.com too.

Old answer

Step 1: Xcode -> Product -> Archives -> Click manage certificate

Step 2: Add iOS distribution

You can only have one distribution certificate. It unites a public key, known to Apple, with a private key, which lives in the keychain of some computer. If this distribution certificate was created on another computer, then the private key is on the keychain of that computer. And this distribution certificate does not work without it.

So to use this distribution certificate on this computer, you must find that computer, open Keychain Access, locate and export the private key, mail it or otherwise get it to this computer, and import it into the keychain of this computer.

If you go into the Accounts pref pane in Xcode and double-click your Team, you’ll see a dialog that gives you help with this. If you see your distribution certificate and it says Not In Keychain, you can control-click that certificate to get a menu item that lets you email whoever created the certificate and ask them to send it to you. That person can use this same import to choose Export Certificate and can email you exported certificate.

Either way, the private key or exported certificate will be passworded. You’ll need to know the password in order to use it.

Источник