I've recently attempted to transfer my apple dev certificate to a new mac, however, the provisioning profiles are appearing as valid signing identity not found.
I imported my developer account into Xcode5 and when I deploy a build, I get the option to fix the issue of not having a valid signing - this generates an iOS team provisioning profile for the bundle id.
So far have found this is fine for testing - we distribute ourselves not using the app store.
If anyone would be able to give me a heads up on whether this is an okay method, or whether I will need to generate a new certificate for distribution in case we do use the app store for distribution.
If you still have access to your previous computer, you can export as p12 the private key you used to generate the Apple certificate.
Go to keychain, select the iOS certificate and right click to export it. Then import it to your new computer and you do not need to generate new certificates.
what you need to do is to remake the developer and distribution certificates for your new mac and install it then, you update your provision profile with the new certificate, reinstall it and everything works
PS: for remake your developer and distribution certificates you have to go in the keychan
Certificate Assistant > Request a Certificate From a Certificate Authority..
then add your email and common Name, check Saved to disk. Finally Into the developer web site you remove your old certificates and create the new one with the new file that you have in the disk.
Did you export from Xcode → Preferences → Accounts like Apple's guide suggests?
Did you also export your private key from the keychain? I have seen this issue before, and that was resolved by exporting and importing the private key.
If you do want to distribute on App Store later on you will definitely need to import a valid certificate, yes.
here you can find a solution or ask your problem to a developers Apple support:
https://developer.apple.com/support/
Other way you can call the developer support center here:
https://developer.apple.com/contact/phone.php
I'm pulling my hair out over this. I just downloaded the iPhone 3.0 SDK, but now I can't get my provisioning profiles to work. Here is what I have tried:
Delete all provisioning profiles
Delete login keychain
Create new "login" keychain, make it
default
Create a new certificate signing request
Create new developer and distribution
certificates in the Apple developer center
Download and install them
Download the WWDR certificate and install it
Create a new provisioning profile and
double click it to install
All the certificates report as valid, but Xcode still won't recognize them. What should I try next?
Edit:
I completely re-installed Mac OS X and from a fresh install installed the 3.0 SDK and still have the same problem.
I had the same problem: I first downloaded my certificates to my small MacBook while on the run. When trying to install the certificates on my iMac... then I ran into the problems described on this page.
After spending hours pulling my hair out like many of you, I performed the following steps to fix it:
Close all your stuff except your webpage that should be logged into App Dev center.
Open Xcode. Click WINDOW > ORGANIZER. Then click the Devices tab and select "Provisioning Profiles" on the left.
That should bring up your provisioning profiles. Highlight one by one (if more than 1), right click and delete profile. Yes, just do it! Delete them all! (I kept making a new one after a new one trying to make the thing work.)
From the first page you see after logging into the App Dev Center on the right side click "iOS PROVISIONING PORTAL" > (do not "launch assistant"). Instead click on the left side. Select CERTIFICATES. You will probably have just one line listed with your name/company - from there click on the right side REVOKE. Click OK to verify that's what you want to do.
On the same page click DEVICES. Click the box next to your device you are trying to provision and click REMOVE SELECTED. Again click OK to verify.
Wait about 2 minutes to let Apple do their thing.
Now click on "HOME" that is on the left side navigation.
Click "Launch Assistant"
create a new app ID - call it whatever you want. Just make sure it's unique enough to know that's the one you just created because the others you've been messing with all day will not be deleted from Apples Dev Center.
You should be able to follow the rest of the Assistant without troubles -- the main thing is you just had to delete your old provision profiles and start over.
Good Luck!
I encountered the same issue. This is because the private key of the certificate does not existing on your machine.
If you are now using a new machine and download the certificate from website:
You can export the certificate from the old machine and then import on the new machine.
If you share the developer account with someone:
You ask the account owner to send you an invitation and become a team member of that account. Then you can create your own certificate from scratch.
If you don't want to handle all these sh*t:
Just revoke the certificate on website and delete the copy on your local machine. Then request a new one. This should be the ultimate way for solving such issue.
Had the same problem yesterday. Now, after signing to the developer portal, for every invalid provisioning profile have a button "Renew". After renewing and downloading updated provisioning profile all seems to work as expected, so problem is definitely solved :)
Update: you may have to contact Apple to get a "Renew"-button, or they removed it -- and the solution is to just download it and add it to the keychain, no need to renew.
What I found was that I needed to drag the distribution_identity.cer file that I downloaded from the "Certificates -> Distribution" page on the developer program portal into the keychain access program, then this error went away.
I solved it by
a) go to provisioning profile page on the portal
b) Click on Edit on the provisioning profile you are having trouble (right hand side).
c) Check the Appropriate Certificate box (not checked by default) and select the correct App ID (my old one was expired)
d) Download and use the new provisioning profile. Delete the old one(s).
Apparently there are 4 different causes of this problem:
Your Keychain is missing the private key associated with your
iPhone Developer or iPhone
Distribution certificate.
Your Keychain is missing the Apple Worldwide Developer Relations
Intermediate Certificate.
Your certificate was revoked or has expired.
Online Certificate Status Protocol (OCSP) or Certificate
Revocation List (CRL) are turned on in
Keychain Access preferences
.
After carefully going through the thread here and checking all the solutions proposed by people, I can confidently claim this, after following the steps mentioned on Apple developer docs for creating CSR and mobile provision file, just do this!,
Launch Xcode.
Select window->Organizer
Click this refresh button and that filthy yellow bar will remove instantly.
http://img.skitch.com/20100820-1ngm8an14c6fm3dt7g6j51d2nx.jpg
Trust me, you only have to do this. There is no need to repeat the process again and again to make sure that you doing it the right way. Just press Refresh, enter your login credentials and it's done.
For me it only worked when the certificate and both keys were in the Login keychain. I had created a Development keychain before, but the Xcode Organizer wouldn't find the keys in there. So I moved them back to Login, quit the keychain tool - and voila, the error in Xcode Organizer went away! This was on Snow Leopard 10.6.2 with the 3.1.3 SDK.
For development certificates you can just create a new one and match it to a profile. However for distribution, like when your going to submit to Apple, you cannot do this and must use the distribution certificate the team agent created. The problem is you need the private key on your machine. It's very simple, however, for the team agent who created the certificate to copy the private key to you, below are the instructions from Apple, I hope this helps.
It is critical that you save your private key somewhere safe in the event that you need to develop on multiple computers or decide to reinstall your system OS. Without your private key, you will be unable to sign binaries in Xcode and test your application on any Apple device. When a CSR is generated, the Keychain Access application creates a private key on your login keychain. This private key is tied to your user account and cannot be reproduced if lost due to an OS reinstall. If you plan to do development and testing on multiple systems, you will need to import your private key onto all of the systems you’ll be doing work on.
To export your private key and certificate for safe-keeping and for enabling development on multiple systems, open up the Keychain Access Application and select the ‘Keys’ category.
Control-Click on the private key associated with your iPhone Development Certificate and click ‘Export Items’ in the menu. The private key is identified by the iPhone Developer: public certificate that is paired with it.
Save your key in the Personal Information Exchange (.p12) file format.
You will be prompted to create a password which is used when you attempt to import this key on another computer.
You can now transfer this .p12 file between systems. Double-click on the .p12 to install it on a system. You will be prompted for the password you entered in Step 4.
The best answer I got was exporting your key, instead of just trying to import the cert file.
When you export the key from the keychain that generated the request, you get a Certificates.p12 file, which rolls the keys you need together.
Then import this into the new computer.
With keys like this, it's probably good to keep a rolled, certificate package file, because many times the "public" key, or cert file, is not enough to restore things from.
In my case, I copied the project from my iMac to my Macbook Pro and found out I didn't have my private key installed on the Macbook. So I exported my private key, copied and installed it to the Macbook, and voila it works! I've documented the information here:
http://www.creatistblog.com/2009/09/iphone-developer-provisioning.html
Just a note with Xcode 4: in the organizer there are two different sections in the left pane:
Library > Provisioning profiles
Devices > your device > Provisioning profiles
I was always puttings my provisioning profiles into 2. and even after cleaning and installing properly it was not working. Then I discovered 1. and finally I found the refresh button. If you select 'Automatic device provisioning' in 1. and click on refresh, then everything got validated (no yellow warning in 2. anymore).
Was facing a similar issue yesterday with our CI server. The app extension could not be signed with the error
Code Sign error: No matching provisioning profiles found: No provisioning profiles with a valid signing identity (i.e. certificate and private key pair) matching the bundle identifier XXX were found.
Note: I had created my provisioning profiles myself from Developer portal (not managed by Xcode).
The error was that I had created the provisioning profiles using the Distribution certificate, but the build settings were set to use the developer certificate. Changing it to use Distribution certificate solved the issue.
Summary: Match the certificate used for creating the provisioning profile in build settings too.
Did you try rebooting your Mac and your device? Lame answer, but I always try that first.
I got it working after re-doing everything and then creating an empty project with XCode and building/running it to the device. XCode showed a window asking something like: Do you want to accept the developer certificate. I pressed "Always". Only after this step I got rid of the message "A valid signing identity matching this profile could not be found in your keychain" in Organizer.
Hey guys, I had heaps of trouble with this yesterday. I went through the whole process a few times, requesting a new certificate request from the authority with the assistant, clearing out everything in the portal, uploading the certificate, creating a new profile and downloading everything. No dice.
However, check this out.
First up clear out all the certificates on the portal to start fresh.
After creating the new certificate request with the assistant, press "Show in Finder", and double click that bad boy. You should get a popup for the Certificate Assistant with a screen showing "Please specify the issuing Certificate Authority", etc. If you don't, just close it and double click again.
Now just proceed through the dialog choosing
"Request a certificate from an existing CA" - Continue
Request is "Saved to disk" - Continue
Save it where ever you like, even override the file.
At the end you should see the magic "Creating key pair"
Run over to the KeyChain access and you'll see your keys in there! Upload this certificate to the apple portal and then go through their wizard as normal, everything should work great now.
There are two different certificates for two different provisioning profiles (development and distribution). You have to install BOTH certificates in keychain. In the iPhone Developer Program Portal:
Certificates -> Development -> Download
Certificates -> Distribution -> Download
Double click both certificates. After that both certificates must appear in Keychain.
The answer is this revoke your Current Development Certificate and make a new one. follow the instructions on apples site on how to do so. Its that simple!! I had this exact problem.
Simple steps to get this done:
Start from keychain (which contains your dev key already) on your computer and create a request for certificate. Upload the request to dev site and create the certificate.
Create a profile using the certificate.
Download the profile and drop it on Xcode.
Now all the dots are connected and it should work. This works for both dev and distribution.
I logged into developer account and revoked the development certificate. After revoking and downloading the development certificate i double clicked the newly downloaded certificate and this time Private Key was there under development certificate in KeyChain Access.
A good way to ensure that this happens cleanly is to clean your login keychain completely first.
Also, a really important step is to unlock your keychain before you import the private key and public key
security unlock-keychain -p password ~/Library/Keychains/login.keychain
Import private key into login keychain :
security import PrivateKey.p12 -k ~/Library/Keychains/login.keychain
1 identity imported.
Import public key into login keychain :
security import PublicKeyName.pem -k ~/Library/Keychains/login.keychain
1 key imported.
I had this same problem but, it was due to my setting up "FileVault" on my Mac. I went into my keychain and set "login" to be my default and that fixed it.
"This was a bug on the Apple portal site. They were missing a necessary field in the provisioning profile. They fixed this bug late on 6/16/09. "
I don't know whether they really skipped it or if my eyes were just glazing over but....
Just in case anybody else is overlooking the same things that I did....
just as when you were developing and testing...
1) You need a DISTRIBUTION << CERTIFICATE >>
2) You need a DISTRIBUTION << PROVISIONING PROFILE >>
That is TWO STEPS on the portal in order to get the thing signed.
There I was, having created the developer CERTIFICATE and copied it to the Mobile Provisions folder, wondering why it didn't work.
As soon as I had the provisioning profile in place
* BINGO *
I had the exact same problem and tried everything. For whatever reason the solution was that all my certificates had migrated to a keychain called "microsoft_intermediate_certificates". As it probably happened during an Xcode upgrade I have absolutely no idea why, but it may help somebody.
I moved all content of the Microsoft keychain to the login keychain and everything went back to normal.
I finally got this to work after, like, 4 separate tries after incurring the same problem that was originally posted. So here's what happened, I am not sure if this is an old issue now (2009-07-09), but I will post anyway in case it is helpful to you. What worked for me... might work for you...
start anew and delete the old private keys, public keys, and certificates in the keychain
go through the whole process, request a certificate from a certificate authority, get a new public key, a new private key, and a new certificate. Note: when it worked I had exactly one private key, one public key, and one certificate
Make a new provisioning profile (which utilizes the certificate that you just made) and put that in your organizer window in Xcode. Delete all the old BS.
Run it.
Hopefully this helps.
Everyone here is very wrong. All you need is to follow the steps that Apple provides in Managing Your Digital Identities.
It instructs you to export your certificates through Xcode and reimport through Xcode. It works great, but make sure your username is the same on both computers or it will fail.
I just spent several hours on this fershlugginer issue, which cropped up after renewing my development license. To reiterate, everything was working without a hitch, then (thank you Apple!) it all got screwed up and stayed screwed up. None of the Apple official troubleshooting steps (linked to above) or possible resolution steps mentioned here resolved the issue for me.
What finally did it for me was to delete both my development and distribution certificates, revoke them in the provisioning portal, and then let Xcode AUTOMATICALLY refresh/issue them. Nothing else, in any order, was able to get both required certificates into my keychain with the private key correctly attached.
Here is what I did.
Make sure your certificates have not expired, make sure you delete all the expired ones. Get new ones etc, Once you have make sure all that is the way it should be, then focus on your project files.
in finder , go to your .xcodeproj files then show package contentes.
open project.pbxproj in xcode or textedit.
find every refrense to PROVISIONING_PROFILE and remove the GUID, just leave empty ""
Depending on your project you should have about 12+ refrences, remove all of the GUIDS.
Save file, then reopen your project in XCODE
Re select the correct provision profiles for all possible code signings( they should not all be the same)
Build your project and you should be good to go.
I think Xcode gets confused some how, and removing all the Provision Profiles from the project.pbxproj and then reselecting a valid profile will set it striaght.
If you have new mac you can go to
IOS developer center --> Provisioning Portal --> Certificates --> Development --> Revoke and create new certificate. My problem solved. My error is "Code Sign error: The identity 'iPhone Developer' doesn't match any valid, non-expired certificate/private key pair in your keychains"
What you need:
1) A private and a public key.
They have this symbol in your keychain:
2) A certificate made from the signing request of those keys
3) A provisioning profile linked to that certificate
Let's say you change computers and want to set up Xcode with provisioning profiles again. How do you do it?
Open Xcode, press ctrl + O to open the Organizer, and delete all provisioning profiles you might have installed already.
Open keychain access, and create a signing request which you save to file (when you create the request, a private and public key is created in your keychain).
Create/Update a certificate in the provisioning portal by sending apple this signing request
Download and install the newly created certificate.
Revoke your provisioning profiles and update them with the new certificate.
Download and install the newly updated provisioning profiles.