I have an updated version of an old Xamarin Android app I want to release. I previously set up the signing key which I used to sign the app previously. Apparently, a few months ago I updated to the Google app signing mechanism, but apparently I still need to sign the app myself before uploading. But if I use my old script mechanism, Google tells me "You uploaded an APK that is not signed with the upload certificate." I can't figure out how to set up the signing with whatever that upload certificate is. Neither the Google nor Xamarin docs are comprehensible to me. I downloaded "upload_cert.der" and "deployment_cert.der" files from Google, but have no idea what to do with them. I tried using Visual Studio to publish, but it says to create Oauth client and enter the client ID and secret, pointing to the Google Play Console, but I can't figure out how to do that. It would be really nice if there were some docs for people in my situation.
Somewhere along the way I must have regenerated the keystore, which no longer matched the key Google has. I found a backup of the keystore, restored it, and now it works.
Related
Today I wanted to upload a new version of iOS app to App Store via Xcode, but it shows me the error:
"Two-factor authentication must be turned on for your Apple ID. After you turn it on, signing in to your developer account will require both your password and access to your trusted devices or trusted phone number."
Previously (even yesterday) everything worked just fine without 2FA, so is there anything that could be done without 2FA?
In an effort to keep your account more secure, two-factor authentication will be required to sign in to your Apple Developer account and Certificates, Identifiers & Profiles starting February 27, 2019. This extra layer of security for your Apple ID helps ensure that you're the only person who can access your account.
Please refer the below link
https://support.apple.com/en-gb/HT204915
I face same issue, but we can export the ipa file instead of directly uploading from Xcode and then upload ipa file via application loader. It worked for me.
My employer recently entered into an agreement with another company to share the source code for an iOS app that we developed. We haven't yet published this app in the App Store but plan to do so in the future. During the course of development, we've obviously created an app ID, provisioning profiles, certificates for development and remote notifications, etc. all of which are (obviously) tied to my employer's enrollment in the Apple Developer Program (ADP). The app itself is currently configured to allow Xcode to manage signing automatically.
Before we deliver the source code for this app to the other company, I need to make sure that none of my employer's information is present in the project source (so that the other company has to use their own info). I've looked through all the project-related files I could find and the only thing I really saw was a small section in the project.pbxproj file that looks like it is related to signing.
I would guess that this is something that a lot of people who decide to share their source on Github do but I'm still fairly new to iOS/Xcode app development so I was hoping that someone who has dealt with this before could offer some insight? Thanks very much!
If you just want to make sure they cannot get your company's signing identity, you can just send them the project. Since you are using automatic code signing, they would need to have your company's Apple developer ID credentials to sign in to the developer account in order to have Xcode generate a certificate and profile to sign as your company. None of the critical signing files are included in the Xcode project folder.
When you enable automatic code signing and sign into the Apple ID, Scode will generate a certificate and private key, which go into that Mac's Keychain, and a provisioning profile is generated and downloaded, which goes into a specific directory that is common for all projects (https://stackoverflow.com/a/45642752/3708242) and outside of the project directory.
As #Jack states in his answers, there are other pieces of information in the files you might want to scrub, but there is no risk you would be giving them access to your code signing information by sending them the project as is with automatic code signing turned on.
Long story, short, just send them the project directory.
Just clear the bundle identifier in Project->General->Bundle identifier -> set it empty.
For notification other company/Vendor will use there separate certs with respective Apple account.
In every top lines of .swift files there is commented by default code which includes Mac name, you can remove it.
I am working on an app, built in Unity, and have built it to launch on Android and it works fine. I work on a PC.
I am now trying to convert the code to iOS. I have borrowed a friend's MacBook Air in order to meet the requirements needed for Apple. The first step requires me to make certificates.
I do not own this laptop. Does the certificate stay with the machine or is it just a file I can save into the cloud?
Also is the certificate required for updates in the future?
I ran into an issue previously where I created a certificate in Google Play and accidently deleted it, which forced me to make a whole new app. This made a whole bunch of other issues occur.
You can generate the p12 files then that way you can use the certificates on another system. Refer to this link
Add these p12 files to your system keychain on another mac and you are good to go.
Hope this helps.
I have an IOS application for a client and I need to push it as an update to the existing app. I already received the credentials of the itunesconnect account which includes the application however here is my problem.
I don't have the private key which was used to publish the initial application which according to the below could cause a problem.
The private key is locally stored on the Mac device (in this case, the old vendor).
In the wrong hands, someone might attempt to distribute an app that contains malicious code.
Not only could that cause the app to be rejected, it could also mean our developer credentials could be revoked by Apple.
Is there a way to retrieve the old key?
In the case where I sign the application with another certificate, will still go as an update to the existing one?
Your fears are unfounded.
In the wrong hands, someone might attempt to distribute an app that
contains malicious code
Don't forget that they would also need your team agent's credential to submit the app. Even if they have the private key, they wouldn't be able to submit anything.
Is there a way to retrieve the old key?
No need to retrieve the old key, just revoke it from the provisioning portal and generate a new one.
In the case where I sign the application with another certificate,
will still go as an update to the existing one?
App updates are based upon bundle ID and not the code signing certificate. App submitted with the new certificate would still be considered an update, if the bundle ID is same.
Create new Distribution certificates and upload latest build with new version, this will go as update to users.
I've found a lot of information about this, but nothing that quite helps me with my situation. I lost my hard drive a few weeks ago. I've since bought and configured a new system, but now I have to drop a new version of an app in the app store. I've re-downloaded 3 certificates, including the distribution cert, and the distribution profile, but XCode reports that my distribution profile is invalid (specifically, "Valid signing identity not found").
After a lot of searching and reading, it seems that the issue is a missing private key, but I have no idea how to rectify that. I do have a recent (SuperDuper) backup of the old machine, but opening the old Keychain Access app only shows me what's on my current machine (or so it appears -- I don't see anything different). That would be my only window for retrieving the old key. Ditto opening the old copy of XCode and looking at its Organizer.
If I try to revoke my existing distribution cert, I get warned that all of my existing apps (all of which are signed with that cert) will cease to function. I definitely don't want that.
Do I have any options here? Apple's system of certs and profiles admittedly baffles me so I'm hoping that there's some kind of recourse for re-establishing contact with my distribution key or creating a new cert without completely hosing up everything that already exists.
Opening the old Keychain Access app didn't work because it loads all the data from the compute it's running on. What you'll need to do is get the old .keychain file and open it with Keychain Access.
In your backup, find /Users/USER_NAME/Library/Keychains/login.keychain and make a copy of it. Next, you'll want to rename it to something else like oldlogin.keychain to prevent it from conflicting with your new login keychain. Then just double click on oldlogin.keychain to open it Keychain Access. It may ask you for a password to access the keychain, it should be your login password from before you lost your hard drive. Once its unlocked, you can drag anything you want from oldlogin to login including the private key.