Converting a developer certificate into a P12 file - ios

i am trying to Converting a developer certificate into a P12 file as a describbed here using Virtual Machine mac....but when converting
Personal Information Exchange (.p12) file format is disabled
what should i do

The .p12 option is disabled because, you only selected either the private key or the certificate on your machine. You need both of them for creating a .p12 file.
Steps to create .p12 file:
Run the Keychain Access Application on your Mac.
Select the login keychain from the top-left panel
Select “My Certificates” from the “Category” menu in the left panel
Find your iPhone Developer/Distribution Certificate. DO NOT select iPhone Developer/Distribution: My Company
Expand this item, and inside you should see the Private Key.
Select BOTH the key and the certificate (Hold CMD and click both items)
Right click and select Export 2 Items...
Save your key in the Personal Information Exchange (.p12) file format, and call the file “Certificates.p12”
You will be prompted to create a password that is used when you attempt to import this key on another computer
Enter a password and save

How did you get the certificate onto your machine?
Did you:
a) download it from the iOS cert portal
b) Send a certificate request from this very same computer and go thru the process to get it downloaded from the iOS cert portal
Note that option B means you have a private key associated with it because it was requested from this very same computer. If you are doing option A, then the private key is not on that machine
If you are trying to transfer your cert and private key from one computer to the next, the easiest way to do it is using the Keychain Access program, exporting the cert/key to *.p12 format for transfer.
If you open the Keychain Access program and find your developer certificate, click the arrow ned to it and make sure there is an associate sub key with it.
If so, right click the cert and click Export.
If not, then you need to do so from the original computer that the certificate was requested from to include the private key.

In the Keychain Access Application I have moved my installed certification from the system folder to login folder (in left-top), then p12 exporting was enabled.

Related

Certificate added but It shows missing private key

Right now I'm developing apps on a brand new macbook. I have downloaded the certSigninRequest
Now I have added both the ios distribution certificate and the private key which is (certSigninRequest)
But whenever I try to export my app it keeps saying missing private key. I have added to my Keychain already
For your case, the appropriate way to use the Distribution Certificate to be legal on other machine(s) is to export it from the current machine that uses the certificate.
To do this:
Navigate the the keychain access.
Go to the targeted certificate, expand it and select both the certificate and the private key:
Right click and select "Export 2 items...".
Obviously, you should fill the required info, such as the name of the exported file and a password.
The output of the above steps would be a .p12 file, which should be installed on the other machine(s). Note that revoking the original certificate will also makes this exported file to be invalid.
Do not request a new distribution certificate for the new machine, it will automatically revoke the previous one (which leads to make the first machine's certificate to be invalid). This thing is you would generate only one Distribution Certificate -by generating a "CertificateSigningRequest" file from the current machine- and then export it to be able to install it on the other machines, which means that all machines use the same distribution certificate.
Also, the following questions might be related to your case:
missing private key in the distribution certificate on keychain
How can I add private key to the distribution certificate?

Export push notification certificate as P12

Normally, I can export the certificate from the keychain that I download from the apple member center as a p12 file. However, it seems that Apple may have changed something?!
I require it as a p12 to import it into Amazon's SNS service. I have tried converting to PEM files but it's producing an error on the console.
The solution I have found has been posted here: https://stackoverflow.com/a/19502944/1198404
I copy and paste the answer: Turns out all you have to do is select "My Certificates" on the left panel and it enables the .p12 option.
You can't export to a .p12 because you don't have the private key installed on your machine (if you did, you would have an "expand" arrow next to the certificate like your iPhone Distribution certificate has.) You will need to get the private key from the machine that generated the certificate before you export.
If the accepted answer doesn't apply to you (e.g., because you created the CSR from the same Mac, and should have the private key on this Mac), here's one more possibility:
When you happen to have selected the wrong keychain (like if you accidentally had single clicked on the System keychain rather than Login keychain), you may run into the same problem. If the cert signing request came from that machine, it would associate the private key with the Login keychain (at least, that seems to be the default). So if you somehow then downloaded and imported the certificate into another keychain like the System keychain (or iCloud keychain, as some comments have mentioned), Keychain Access would not find the matching private key and would not put the cert under "My certificates", and so it cannot export a p12. It would be similar to the case of importing to the keychain on a different Mac.
Make sure the import is into the keychain associated with the private key. Often this would be the Login keychain.
You don't have the private key.
So the solution is you have to revoke the previous certificate and create a new APNS profile again.
You can export from Cert just like below.

Export development certificate as p12

I downloaded a personal development certificate from the Apple Developer center and imported it to my keychain. Now, I want to export it as a .p12 file and encrypt it with a password. When I right click the certificate in the Keychain tab Certificates, and press the Export button, the .p12 option is not highlighted/available. Instead of the other 3 options (.cer, .pem, .p7b), which are available.
I tried a couple of things yet, like adding the Apple ID, which was used to create the certificate, to System preferences->Users and Groups->My account, but that didn't solve it. The certificate was created on a different Macbook than I'm using now.
Is it possible to export it as a .p12 in any way?
One point of interest: the Keychain Assistant window has a "Category" list in the right pane below the title bar (used to be in the lower part of the left panel). You can only export a p12 from the "(My) Certificates" view.
In the "All Items" view, you can see the certificates and the keys alongside, so that they're distinct items with no possibility of multiple selection; in the Certificates view, there's a tree structure with keys as child items of certificates, so that selecting a certificate implicitly selects the corresponding private key too.
The missing .p12 option means that you only have either the private key or the certificate on your machine. You need both of these to generate a .p12 (and incidentally, you'll need both the private key and certificate to sign your apps).
So, find out which of these you're missing, add the missing piece to Keychain, and the .p12 option will be available.
You can check in your keychain whether the private key is associated with the development certificate.
You can export the private key and certificate as .p12 only if it is there.
I was struggling with the same issue - I was able to sign macOS applications locally with my "Developer ID certificate", but wasn't able to export that certificate as a .p12 file (required by Azure Pipelines). What I found after maybe an hour of trying everything is that you need to store the Developer ID certificate in the "login" keychain (only there you can see also your private key and the "Export as .p12" option), not in the "System" keychain as I used to have for many years...
So although the Developer ID certificate stored in the System keychain works fine with Xcode, it doesn't allow you to export it as a .p12 file until you reimport it to the "login" keychain...
Just select Certificate from the left panel to export it as .p12

Adding certificates to keychain and generating .p12 file format

I am following the step given in https://github.com/Redth/PushSharp/wiki/How-to-Configure-&-Send-Apple-Push-Notifications-using-PushSharp to while working step by step for Apple Push Notifications.
I got stuck in the middle. I added Apple Push Notification development Certificates. But the certificates appears under SYSTEM/Certificates instead of LOGIN/Certificates section. May be due to this or may be not, I did't get save as .p12 file format option when i try to save file as p12 format as explained in step 19. I also tried generating certificates without checking
LET MY SPECIFY KEY PAIR CHAIN INFORMATION as explained in step 10.
Can anybody suggest me how to make aps-development.cer under login/certificates in key chain and then proceed the given step to obtain .p12 file?
Thanks in advance for your help and support.
Please try following Three steps
Step 1:Open your Keychain Access app.
Step 2:You will see list in left side as 'Login' ,'System' and 'System Roots', just drag your certificate in 'Login' option.
Step 3: You will get certificate install successfully in Keychain Access.
After this process you can create the .p12 certificate.
Step by step instruction how to download certificate and generate .p12
You need a valid certificate to be able to generate .p12 file. Step 1-3 describe steps to download valid certificate from the Apple Developer Account. Step 4-8 describe how to use this certificate to generate .p12 file.
Logon to DEVELOPER.APPLE.COM
(From the left menu) Go to 'Certificates, ID's & Profiles' or (From the main panel) Click on 'Certificates, Identifiers & Profiles'
(From the left menu) Click on Certificate type ie Production -> Click on the Certificate name to expand more options -> Click on 'Donwload'
(From the mac menu) Go to Utilities -> Key Chain
(From the top menu of Key Chain) Go to Key Chain Access
Open location where certificate has been downloaded and double click on it (This should auto generate new record in the Key Chan Access certificate list)
(From the Key Chain Access certificate list) right click on the newly created certificate record and choose 'Export...'
Save file as .p12

How to create P12 certificate for iOS distribution

We have an iOS app whose push notification cert has expired and we're trying to create a new one. I've created new certs in the Provisioning portal (ios_developer.cer, ios_distribution.cer) and downloaded them. I was following instructions here on Stack Overflow to convert it to PEM and then to P12 files, but I'm stuck. When I then attempt to convert the PEM to P12, it wants a private key of some sort, and I don't know where to get it.
I've also tried loading these into Keychain Access. I had read that you could export them as P12 from there, but when I do the Import, they don't appear anywhere.
Your private key is generated when you created the signing request in Keychain Access. After the cert is generated and downloaded, double-clicking it will add it to Keychain Access where it will be matched up with the private key. You can then select the cert, and open the arrow to also select the private key and export them together as a .p12 file from Keychain Access.
.p12 files are used to publish app on the Apple App Store
A. On your Mac Create a (.certSigningRequest) CSR file
Open Keychain Access from Utilities
From Keychain Access toolbar select Keychain Access -> Preference
In the pop up window select Certificates tab
Set both “Online Certificate Status Protocol” and “Certificate Revocation List” to “Off"
Close this window
Now from toolbar, open Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority
Enter email address and common name that you used to register in the iOS Developer Program
Keep CA Email blank and select “Saved to disk” and “Let me specify key pair information”
Click Continue
Choose a filename & destination on your hard drive
Click Save
In the next window, set “Key Size” value to “2048 bits”
Set “Algorithm” to “RSA”
Click Continue
This will create and save your certSigningRequest file (CSR) to your hard drive. A public and private key will also be created in Keychain Access with the Common Name entered.
B. Create ".cer" file in iOS developer account
Login to apple developer account Click “Certificates, Identifiers & Profiles”
Click “Provisioning Profiles”
In the “Certificates” section click “Production”
Click the “Add” (+) button at the top-right of the main panel
Now, choose “App Store and Ad Hoc”
Click Continue
Click “Choose File” & find CSR file you’ve made from your hard drive
Click Generate
Click Download to get the file
C. Install .cer and generate .p12 certificate
Find .cer file you’ve downloaded and double-click
Set Login drop-down to “login" and Click Add
Open up KeyChain Access and you'll find profile created in Step A
You can expand “private key” profile (shows certificate you added)
Select only these two items (not the public key)
Right click and click “Export 2 items…” from popup
Now make sure file format is “.p12” and choose filename and destination on your hard drive
Click Save. Now, you’ll be prompted to set a password but keep these both blank
Click OK. Now, you have a .p12 file on your hard drive
Take a note that if issue still persists then try below step as well:
If your keychain is present in iCloud then remove all keychain content from iCloud and do new setup in iCloud This should work.
you will not get the expand option unless you filter by choosing (Certificates) from key chain left bottom corner
OK, problem solved! it seems that when i double click on the certificate, it automatically installs it in the SYSTEM keychain - i don't know why. So instead, i simply drag and drop the certificate into the LOGIN keychain and then all is good. Thanks to this article -> Adding certificates to keychain and generating .p12 file format - alon rosenfeld 10 months ago
To get your p12 file go this way..
Step 1. In XCode > Go to Project settings > General > Signing section > Signing Certificate
See which certificate you are using for this particular app as shown in image below
Step 2. Open Keychain > on Left bottom Category section > Certificates
Look for the certificate and open child by clicking on down arrow as show in image
Step 3. Right click and export as "Certificates.p12" by giving your password eg. "123456"
For anyone else having the greyed/grayed out P12 option:
Make sure you are in the My Certificates or Certificates category in
Keychain Access.
https://sailthru.zendesk.com/hc/en-us/articles/115000032546-Can-t-export-my-certificate-in-p12-format
For anyone still having this issue, the solution for me was to NOT select both and "Export 2 items" (the key and the certificate) - rather just export the certificate which ALREADY includes the key. As of 2016 i think this is the way to do it because previous uploads that worked with the export 2 items no longer work.
For anyone else having the greyed/grayed out P12 option,
here is the latest screenshot (2021) from my macbook pro.
I ended up here as I was trying to build an iOS app in the cloud using MS Visual Studio App Center WITHOUT a Mac. The issue is every tutorial uses the top rated answer above by Jayprakash Dubey. That approach uses a Mac and KeyChain. The solution comes from SO here.
You need a Key (aps_development.key), and then:
Create key pair : openssl genrsa -out aps_development.key 2048
Create CSR : openssl req -new -sha256 -key aps_development.key -out
aps_development.csr
Upload the CSR to developer portal to get the certificate
aps_development.cer
Convert the certificate: openssl x509 -inform DER -outform PEM -in
aps_development.cer -out aps_development.pem
Build the PKCS#12: openssl pkcs12 -inkey aps_development.key -in
aps_development.pem -export -out aps_development.p12
You can then go ahead and make an app id and a provisioning profile. This will allow you to build in the App Center.

Resources