I've found a lot of information about this, but nothing that quite helps me with my situation. I lost my hard drive a few weeks ago. I've since bought and configured a new system, but now I have to drop a new version of an app in the app store. I've re-downloaded 3 certificates, including the distribution cert, and the distribution profile, but XCode reports that my distribution profile is invalid (specifically, "Valid signing identity not found").
After a lot of searching and reading, it seems that the issue is a missing private key, but I have no idea how to rectify that. I do have a recent (SuperDuper) backup of the old machine, but opening the old Keychain Access app only shows me what's on my current machine (or so it appears -- I don't see anything different). That would be my only window for retrieving the old key. Ditto opening the old copy of XCode and looking at its Organizer.
If I try to revoke my existing distribution cert, I get warned that all of my existing apps (all of which are signed with that cert) will cease to function. I definitely don't want that.
Do I have any options here? Apple's system of certs and profiles admittedly baffles me so I'm hoping that there's some kind of recourse for re-establishing contact with my distribution key or creating a new cert without completely hosing up everything that already exists.
Opening the old Keychain Access app didn't work because it loads all the data from the compute it's running on. What you'll need to do is get the old .keychain file and open it with Keychain Access.
In your backup, find /Users/USER_NAME/Library/Keychains/login.keychain and make a copy of it. Next, you'll want to rename it to something else like oldlogin.keychain to prevent it from conflicting with your new login keychain. Then just double click on oldlogin.keychain to open it Keychain Access. It may ask you for a password to access the keychain, it should be your login password from before you lost your hard drive. Once its unlocked, you can drag anything you want from oldlogin to login including the private key.
Related
I've tried looking at the other answers for this but there's a lot of incomplete or conflicting information, but if you have a good link that would be great.
When I try to distribute my app I get this error:
I've tried creating a new distribution profile from Certificates, Identifiers & Profiles at developer.apple.com, but none of these seem to work.
I have a Time Machine backup from before I did a clean install of Mavericks to upgrade, and I also have a code saved to a text file in my Dropbox (I'm not sure if it's a private key – I doubt it) which looks like 'df9a79...' around thirty characters long.
I just can't seem to find the right link to guide me through the entire process of key creation, iTunes connect and developer.apple.com. I've done this before – I'm currently just trying to submit an update to the App Store.
My app update status is currently Waiting For Upload.
Here is my Keychain:
I've tried removing duplicates (e.g. those in the first screenshot), but that didn't seem to help. If you have any suggestions or links I'd love to hear them.
Thanks for your help.
In your keychain, there are two keys named 'Matthew Palmer'. Those two entries for the same name can be conflicting. Try by removing those both and install it again.
I hope you make a Distribution Provising Certificate at developer.apple.com.
Chose that profile there , if you are not, create that, first you need to create that certificate before proceeding.
I had this problem and eventually realised that I'd originally installed my provisioning certificate on another machine. The private key was only on that machine, and there was only a public key on my new machine. I needed to install my private key on my new machine so I could sign my app and submit it.
On my original machine, I went to Xcode>Preferences>Accounts and used "Export accounts" (under the cog) to save a copy of my accounts. I transferred the generated .developerprofile to my other machine and dropped it on Xcode there. That installed the private key for the provisioning profile on that machine and I was able to submit my app.
Another resolution to this is restart Xcode. I had the same issue after creating a new provisioning profile, and after restarting Xcode I no longer had the issue.
After experiencing this error, I tried submitting to the app store via Application Loader, signing the app with my AdHoc certificate instead of the app store certificate, as that one didn't generate the same error.
The submission was accepted by Apple with no validation errors.
This is a temporary workaround, but it may be helpful if you need a quick submission.
You might think, not again such a question where are already thousands of topics about. However, I've not been capable of finding the answer I needed to fix this problem.
None of these topics go as deep as the Keychain.
When I'm trying to deploy my app to an iPhone, I'm receiving the following message:
Code Sign error: The identity 'iPhone Developer: [Name] ([ID])' doesn't match any valid, non-expired certificate/private key pair in your keychains.
Now, as said, I have been looking for multiple guides or fixes, however, none of them seemed to fix this issue.
Things I've tried:
Use Apple's walkthrough for app deployment for countless of times
Searched the internet for guides for app deployment
Changed the content of the 'pbxproj' file inside the 'xcodeproj' package.
Retrieve all available profiles from Apple's server using the Refresh button in Xcode 4.6 (allows you to obtain automatically)
After trying all of these ways, I've still not been able to solve the issue. One problem I've seen is that at first hand, the certificate in the Keychain was showing an invalid status, which is now solved.
However, if I'm right, there are supposed to be two keys attached to the certificate. A public and private key, and these are not showing.
Neither are there any keys showing in the Keys tab in the Keychain Access.
Solution
(Thanks to nsgulliver)
Do everything what the post (marked as Solution) of nsgulliver says.
If you already have an active Certificate, click the Revoke button, this won't cause any trouble, you'll simply have to re-create the keys of which then will be generated a new certificate.
Make sure you have the WWDR of Apple installed to mark the certificate authority as valid.
Follow the default Provisioning Assistant guidelines.
Provisioning profiles installed on the devices or signed with for the target might not be valid, try to go to Organizer->Provisioning profile and see if the profiles have the valid status? if not try to delete & refresh them, if they appear valid after refreshing then it might solve your problem if not then you should remove all the entries from keychain and delete profiles on your provisioning portal and try to create from scratch, if you still face the problem then take help from step by step guide tutorial
You cannot re-create matching keys, that would defeat the whole purpose of them. You need to find the old keys or start the signing procedure from scratch.
Are you using the same machine that you generated the keys on? If not, go to the other machine, export the developer profile, then import it on the new machine.
Can you restore the keys from backups? If not, stop everything you are doing and configure your computer for backups before you do anything else.
If you are really stuck, you will have to follow the signing procedure right from the very beginning, where you request a certificate from a certificate authority. This will generate new keys, and you will have to create matching provisioning profiles, then set your application to be signed with these. Dlete the old provisioning profiles, they will be useless without the old keys.
You need to lock keychain. Please see screenshot:
Required reading when you're having code signing problems:
Technical Note TN2250: iOS Code Signing Troubleshooting
Nothing will help you more than really understanding what's in your certificates and what isn't, where the necessary pieces are kept, and how they're used. This isn't the last time that you'll have code signing issues, and this tech note provides a long checklist that should help you make sure that everything is in the right place to help you develop your app and ultimately sign and submit it to the app store.
When I've had this problem in the past I've just deleted everything on my local machine and started again. So:
Delete the keys associated with your developer account in Keychain access.
In XCode open the 'Organizer' (window->organizer)
In Devices (top menu) and Provisioning Profiles (left menu), select all of the profiles and delete them.
Now hit refresh. It will ask you to sign in and whether you want to generate new keys etc, select yes and wait.
I find that this is the quickest way to fix any provisioning / key problems, as you can spend hours finding that you've missed something small.
After removing all old provisioning profiles (~/Library/MobileDevice/Provisioning Profiles/) and updating xCode, the certificates can be found again.
I accidentally deleted the keys in my Keychain Access on my local computer which I use to archive the code when I am ready to submit a new binary.
What I am trying to do to fix this is to go to my IOS PROVISIONING PORTAL, and click on the certificated nav item on the left, and download the dev and production certificates. I do download them, and then drag them to the KeyChain icon, but I am not sure that is doing anything.
And when I try to archive the code, I get this error:
Code Sign error: The identity 'iPhone Distribution: dist_name' doesn't match any valid, non-expired certificate/private key pair in your keychains
Any idea why this is happening and how to fix it?
EDIT:
When I tried to revoke my production certificate, the system said that if I do that, my current live app will no longer work.
There are countless posts regarding this on S.O. already.
When this happens, your best bet is to begin from SCRATCH. Delete all provisioning profiles and re-do the whole procedure.
Else, you'll be stuck for hours trying to solve problems that may or may not be yours.
I had the same issue and had a simple fix
The distribution key and certificate were missing
I was able to download the certificate but couldn't get the key
Asked my team member to export his distribution cert and key.
To do that select the key or cert and export(keychain accesses-> file ->export items-> save on disc).
You will be prompted for the password, remember the password as you need it to extract the files.the files will be saved with extension .p12.
Send the .p12 file to other mac where it needs to be installed
fixed!!
I realise this is a common problem that people bump into, but I'd trawled all the answers I can find but have seen nothing better than "wipe everything, start again".
I'm hoping to do a little better than that. The problem is, I can only ever get my iOS provisioning to work on a single machine. I set it up on my Macbook Air and it stops working on my iMac. So I follow the 'wipe it all' including revocation of certificates and start from scratch on my iMac and it works, but breaks my Air.
There must be some fundamental piece of the jigsaw I'm missing.
I have downloaded and installed WWDR certificate.
I have downloaded and installed my developer certificate.
I have downloaded and installed my distribution certificate.
Everything should line up. I have all of my profiles in place, but they say "Valid signing identity not found".
What certificate is missing? What represents the signing identity? What is it that exists on one machine that doesn't on the other?
I'd really like to understand this and solve it properly.
I am not that clear on this concept too but i think the problem is that you dont have the proper certificates in your keychain access.
If you open up your keychain then you will find the private key certificate in one of the keychains on the left panel.
You will have to export the private key to get a .p12 file that you can open in other machines and download the .mobileprovision from the developer website to make it work on different machines.
Shout if anything is not clear to you.
A while ago I was working with iOs on a mac. Due to an accident the machine is lost and I can't recover anything from it. I bought a new one and installed xcode. When trying to compile for a device I get an error saying "There are no valid certificates/private key pairs in the default keychain".
I went to the provisioning portal and I got my developer certificate and added it to the keychain (the login one). I also added the provisioning file I used before to the mac (It was already on the iOs device).
In the organizer tab under status I see a warning: "Valid signing identity not found".
I'm still new to the whole apple development thing and I have no clue as to what should I do.
Could you guys please help me?
Thank you
You need to toss the existing development cert, and provide a new signing request from the keychain. The thing you are missing is your private key, since you cannot get that just make a new one.
In the future, use Time Machine... it's invaluable. Also you can export the private key to save to a USB stick for extra backup.
You cannot use the same certificate you downloaded from developer portal if you did not backup the key. You cannot use the certificate without the key. You should have backed up the key on previous machine and now you would just download the certificate and pair it up with backed up key.
If you didn't back up the key, you have to revoke the old certificate and create a new one. And when you are finished remember to backup your certificate key.
Happened to me, so I know by doing it the wrong way ;)
Go to https://developer.apple.com/ios/manage/overview/index.action (or the iOS provisioning portal!)
and then go to Provisioning. Then click new profile and create your profile and then download it. Then open the provisioning file and then your computer will ask you if you want to add it to the Library. Accept it and then you should have it in your computer. Next open Xcode and open the organizer and then click the device that your using to test and click Provisioning Profiles. Then click import and select the provisioning file that you just downloaded. Then in your project select the appropriate profile in your build settings! Then try and it should work! You can't use your old certificate so just toss that one out. Good Luck!