Copy link to clipboard
Copied
This used to work on my last computer, but I created a CSR and uploaded it to Apple and it returned a valid distribution certificate. But when I run Openssl to try and create the p12 file, I keep getting the error:
"no certificate matches private key".
My batch file looks like this:
set OPENSSL_CONF=C:\OpenSSL-Win32\bin\openssl.cfg
set RANDFILE=.rnd
openssl x509 -in ios_distribution.cer -inform DER -out developer_identity.pem -outform PEM
pause
openssl pkcs12 -export -inkey mykey.key -in developer_identity.pem -out myfile.p12
pause
I've tried just about everything, and I'm seriously stuck. Can anyone help?
Copy link to clipboard
Copied
You can run into such issues if you still have old certificates kicking around. Go into Keychain Access and look at Certificates and My Certificates. Any that don't have a key next to them are likely to not work, but still cause problems. Of the others, delete any that are not the latest date, and export a P12 from the most recent one, to use in Flash.
Also, make sure that your provisioning files are using that latest certificate.
Copy link to clipboard
Copied
Thanks, Colin. This is for Windows, and it's a new computer. Do you think that still matters?
Copy link to clipboard
Copied
Yes, I'm sure it matters. Listen to iBrent, he makes sense. At least he did once a couple of years ago, though I think that was a fluke.
Copy link to clipboard
Copied
Fluke is as fluke does. 😉
Copy link to clipboard
Copied
So am I on the right track here?
According to this:
https://www.vbulletin.com/forum/content.php/506-Creating-your-iOS-Certificates
The email and name have to match the iOS information set in the account. So in order for that to work, they need to add me as a dev team member on their account, and use my name and email address?
https://developer.apple.com/membercenter/index.action
Adding me from that link?
Thanks for the input, guys.
Copy link to clipboard
Copied
Hi,
I put together a series of tutorials on creating the Apple CSR request and certs on Windows a while back. They have step by step instructions including the commands I used. See if that helps, it can be tricky for sure.
http://www.youtube.com/playlist?list=PL57C122F59F8F1A43
iBrent
Copy link to clipboard
Copied
IBrent, I'll take a look and see if I missed anything. I did this on another computer but it was a couple years ago and maybe I skipped a step.
Copy link to clipboard
Copied
So, the only thing I notice about your video, iBrent, is that you say the certificate signing request has to match the email of the account name. But in my case, this is for a client's account. Do I need to make the emailAddress= field the account admin's? Or can it still be mine?
Find more inspiration, events, and resources on the new Adobe Community
Explore Now