I am setting up SSL for testing in MAMP Pro 5.0.1, and following instruction here, and have generated dummy certs.
The instruction say to "Point to your chain file or Alias", but there is no mention of where to find the "chain file or Alias". Spotlight can't find them either. Where is the chain file stored?
Related
I created a pass that worked fine with iOS 6 beta 4, but now can not be installed with iOS 6 final release. The pass shows fine on the device but gives the following error in Console.app when tapping on Add:
10/10/2012 11:39:56.460 passd[47329]: Invalid data error reading card pass.com.test.example/serial_number. The passTypeIdentifier or teamIdentifier provided may not match your certificate, or the certificate trust chain could not be verified.
Since I know the certificate, passTypeIdentifier and teamIdentifier are right, it can only be the certificate chain. I have the WWDR certificate installed on the computer used for exporting the pass certificate, why do I get this error? Is the certificate chain not being exported?
We are generating the passes using PHP PKPass.
I am using a In-House license and distributing to one of the registered devices if that matters.
The problem was indeed the WWDR certificate not being added to the manifest.json signature. And this is actually solved in the latest version of PHP PKPass (So much time wasted investigating this instead of just checking if it was fixed on the newest version :S)
I already made iPhone application thanks to all certificates and so on.
Now, I'm installing a second mac to develop applicaions (the same applications) so :
I generated a Certification Signin Request (with keychain)
I didn't upload it but I downloaded the Distribution Certificate (that I generated before with the old computer), and install it (in keychain again)
I Downloaded the Distribution Provisioning profile
The last File , I installed it and in Organizer, the status of the file is "Valid Signing identity not found".
How can I fix that problem ?
This is common operations but I always have trouble with all those certificates :-)
Thanks
Export your existing certificate from your old machine to your new one. This will make you skip all other stuff to do and it's easy as 1,2,3.
I have been getting this problem for almost 4 hours now, getting very frustrated. I have gone through and revoked my certs and provisioning profiles 3 times now and started from scratch. I've also ensured my project was set to use the DISTRIBUTION profile. I revoked and deleted my development cert/prof just so I couldn't select it by accident. My mobileprofile is being copied correctly. I'm using Xcode 4.0.2. I started a new project and dumped my files in there and I get the same problem there..
I super-double-triple checked the directions to get certs. Created private keys, sent file to developer provisioning portal, got a cert back, it loads up and matches my private key.. have deleted all non relevant keys. Have deleted all old provisioning profiles that were saved in MobileProfile/..
here, really, my project is set up right!!
here, really, my target (only target!) is set up right!
Here's my keychain.. certs look good
My super-slow-carefully-made provisioning profile shows up just fine in Xcode, it's certainly recognized as being good and signed
What I'm getting is:
rocessProductPackaging "/Users/rcl/Library/MobileDevice/Provisioning Profiles/AFFB40FF-FE57-4131-A1D1-0804E0E747FF.mobileprovision" /Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Products/Release-iphoneos/iMan.app/embedded.mobileprovision
cd /Users/rcl/Documents/iMan/iMan_On_Xcode402/iMan
setenv PATH "/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin:/Developer/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin"
"/Users/rcl/Library/MobileDevice/Provisioning Profiles/AFFB40FF-FE57-4131-A1D1-0804E0E747FF.mobileprovision" -o /Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Products/Release-iphoneos/iMan.app/embedded.mobileprovision
Then..
ProcessProductPackaging /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS4.3.sdk/Entitlements.plist /Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Intermediates/iMan.build/Release-iphoneos/iMan.build/iMan.xcent
cd /Users/rcl/Documents/iMan/iMan_On_Xcode402/iMan
setenv PATH "/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin:/Developer/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin"
/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS4.3.sdk/Entitlements.plist -entitlements -format xml -o /Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Intermediates/iMan.build/Release-iphoneos/iMan.build/iMan.xcent
Then...
CodeSign /Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Products/Release-iphoneos/iMan.app
cd /Users/rcl/Documents/iMan/iMan_On_Xcode402/iMan
setenv PATH "/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin:/Developer/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin"
setenv _CODESIGN_ALLOCATE_ /Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/codesign_allocate
/usr/bin/codesign -f -s "iPhone Distribution: Robert Lorentz" --resource-rules=/Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Products/Release-iphoneos/iMan.app/ResourceRules.plist --entitlements /Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Intermediates/iMan.build/Release-iphoneos/iMan.build/iMan.xcent /Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Products/Release-iphoneos/iMan.app
Then....
Validate /Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Products/Release-iphoneos/iMan.app
cd /Users/rcl/Documents/iMan/iMan_On_Xcode402/iMan
setenv PATH "/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin:/Developer/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin"
setenv PRODUCT_TYPE com.apple.product-type.application
/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/Validation /Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Products/Release-iphoneos/iMan.app
warning: Application failed codesign verification. The signature was invalid, or it was not signed with an Apple submission certificate. (-19011)
Executable=/Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Products/Release-iphoneos/iMan.app/iMan
codesign_wrapper-0.7.10: using Apple CA for profile evaluation
AssertMacros: signer, file: codesign_wrapper.c, line: 610
AssertMacros: profile, file: codesign_wrapper.c, line: 914
codesign_wrapper-0.7.10: Failed to load provision profile from: /Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Products/Release-iphoneos/iMan.app/embedded.mobileprovision
- (null)
Edit:
One note is that I have had Xcode 4.2 beta installed, not sure if that could be causing issues? I used the provided script and did a full uninstall of the beta developer tools and installed Xcode 4.0.2 again.
Edit:
I've tried generating the private keys in my own name and also my company's name, for 'Common Name'. I initially registered with the apple developer program with my own name, but when I set myself up on iTunes Connect I used my business name as the name I wanted to appear. It seems the CERTIFICATE I'm issued obviously uses my real name. I've tried setting the common name on private key to both things with no luck, but which is correct?
Edit:
And to be clear, the file /Users/rcl/Library/Developer/Xcode/DerivedData/iMan-hapawfvbfkeskkaembwcgifzypdz/Build/Products/Release-iphoneos/iMan.app/embedded.mobileprovision definitely exists and matches the md5sum of my ~/Library/MobileDevice/Provisioning Profiles../ file (the only one that exists, the one I want to use.)
Edit:
When creating my distribution provisioning profile, it doesn't seem to matter what I pick for my App ID - they all give the same results. Is there something that needs to match up with this App ID?
Edit:
Ok I'm "getting somewhere" or walking backwards. So my bundle ID specified by me has been com.panagiaindustries.iman ; apple issued me SR49T455EV.com.panagiaindustries.iman ... if I build my app with the com.pana... one, it fails to codesign within xcode. if I build with the SR49T... one, it codesigns, but when I use Application Loader I get 'Bundle identifier SR49T... differs from reserved bundle ID: com.pana...' as an error. Which SHOULD I be using?
Edit:
Adding the following entitlements file seemed to have no effect:
get-task-allow
application-identifier
SR49T455EV.com.panagiaindustries.iman
I had gone from Xcode 4.0.2 to 4.2.x beta, then back to 4.0.2. After this, Xcode wasn't working so I ran the "official perl" uninstaller script, then reinstalled 4.0.2. Xcode worked.. but apparently I was still using some beta tools. I resolved my problem by mv /Developer /Developer.old and install "fresh" 4.0.2.
These are the following steps needed to build an iPhone app under an Apple Distribution License and upload it to the App Store.
Create A CSR from Keychain Access in a Mac machine.
Access Keychain Access as Finder>>Applications>>Utilities>>Keychain Access.
Upload this CSR while creating a Distribution Certificate.
An Apple License can have only one Apple Distribution Certificate.
Download Distribution Certificate.
Open Keychain Access.
Access Keychain Access as Finder>>Applications>>Utilities>>Keychain Access.
Install the downloaded Distribution Certificate.
Right Click on the Distribution Certificate and select "Export Certificate" and save as Personal Interchange Certificate (.p12) format in destination Library>>Keychains.
For every new application we need to create new Provisioning Profiles under one Apple Distribution Certificate.
For each new Provisioning Profile, we need to create a new App Id.
So we need to create a Adhoc and Appstore Provisioning Profile.
Adhoc Provisioning Profile is for testing the app in apple devices.
*Appstore* Provisioining Profile is for uploading the app to appstore.
Download the respective Provisioning Profile and double click on the profile to install it.
Delete all the previous profiles and just retain the newly installed profile.
Build the application by selecting the Code Signing Entity as the newly installed Provisioning Profile.
6 Upload the ApplicationName.app.zip file as the binary file in Application loader while uploading the application to appstore.
Reference: https://developer.apple.com
I believe this would be of some help to you.
I don't see anything listed under code signing entitlements (line just above the provisioning stuff). Open the new file assistant and look under resources for entitlements file. Then add one key pair:
<key>get-task-allow</key>
<true/>
In theory it will add this for you, but I remember some versions of Xcode have been bad about actually adding it. There should also be one other key pair:
<key>application-identifier</key>
<string>[someNumber].[bundleID]</string>
I'm not sure where the number comes from, though it might be the App ID from iTunes Connect.
In the build log of the original post you can see the root cause of this particular signature verification failure expressed with the text: "..Failed to load provisioning profile from: (x)". I've experienced two cases of this particular signature verification failure, and both were successfully worked around by updating to Lion 10.7.2 and the latest Xcode for Lion (currently Xcode 4.2.1).
For others experiencing the "Application failed codesign verification" during Xcode Archive Validation or Submission, look to the build log at Product > Archive time for a build warning by the same title and expand that for the root cause. Then take a look at Apple's complete list of potential causes of this error at the following URL "How do I resolve the error: Application failed codesign verification?"
I have a self-signed certificate at the endpoint of my API. I'm trying to test some things using the simulator but am getting "untrusted server certificate".
I have tried to use safari on the simulator to download the .crt file, but that doesn't seem to work.
Where does iPhone Simulator get its keychain from? How can I add a trusted certificate so my application will work?
I got it to work by creating a CA and then adding a CA certificate using the iPhone provisioning tool. Then I was able to have a certificate signed by that CA certificate on the API server and the NSConnection just worked. I was not able to get it to work using a self-signed certificate for some reason. I need to re-attempt this using the provisioning software.
My real question is how do I get this to work on the simulator? I would think that the simulator uses the keychain of the actual computer.
Simply drag & drop your .cer Files into your running Simulator window. You'll see Safari flashing and then the import dialog for your Certificate (or Certificate Authority)...
Working for iOS 7 Simulator (and i Think did work for iOS 6 too).
For those who find that the dragging and dropping of the certificate on the Simulator isn't working, there was a recent change that adds an extra step.
The Simulator must be explicitly told to trust the root CA. Do this by going to:
iOS Settings > General > About > Certificate Trust Settings > "Enable Full Trust for Root Certificate" for your particular certificate
See the full answer here:
I had this same issue for months and today I FINALLY solved it with:
ADVTrustStore
You are going to want to use a project called ADVTrustStore from github. It does some fancy magic but it will correctly install certificates into your root trust-store on the simulator.
Steps to install a custom cert
# Clone the repo
git clone https://github.com/ADVTOOLS/ADVTrustStore.git
# Enter the repo directory
cd ADVTrustStore/
# Copy your .crt file
cp somewhere/something.crt my.crt
# conver to a .pem file
openssl x509 -in my.crt -out my.pem -outform PEM
# Install the pem in the simulators
./iosCertTrustManager.py -a my.pem
Using this process I was able to get GoogleStreetView images to render correctly while behind a corporate firewall using SSL resigning with self-signed certificates
Background
I was using CharlesProxy and i noticed it was correctly installing certificates into the Simulator but they did not show up in the Settings - Profiles section. Then after some searching I discovered this tool. There are probably a few other tools out there but in my case the drag-and-drop never worked correctly for all cases. Safari would be fine but not my applications.
For anyone use OS X Catalina, please check this : https://forums.developer.apple.com/thread/124056.
Catalina is currently blocking access to Desktop, Documents and Downloads folder.
I moved certificate files to Shared folder and drag and drop the files to simulator from there.
Take a look at the shell script Charles uses to install their self signed cert into the simulator's keychain. http://www.charlesproxy.com/documentation/faqs/ssl-connections-from-within-iphone-applications/
See also:
iPhone TrustStore CA certificates
http://redgreenrefactor.eu/blog/testing-https-on-iphone-simulator/
It looks like installing your own certificate in the simulator may require installing it on a device via Safari and then copying the resulting row from the device's TrustStore.sqlite3 into the simulator's.
Dragging and drop used to work but it didn't work on XCode 12 for me. What worked for me was opening Safari browser on Simulator and then typing the file URL for the .crt certificate file.
Ex.
file:///Users/[folder_path]/[certificate.crt]
After that you have to goto Simulator Settings and install the certificate by navigating into General > Profiles section.
For IOS14, after the dragging, you need go to:
General -> Profile -> select you profile -> install
and then:
General -> About -> Certificate Trust Settings -> "Enable Full Trust for Root Certificate" for your particular certificate
see also https://developer.apple.com/library/archive/qa/qa1948/_index.html
Using iPhone Backup Extractor, I copied my iPhone's TrustStore.sqlite3 into ~/Library/Application Support/iPhone Simulator/6.0/Library/Keychains, overwriting the existing file. I tried to only insert a single row with the following sqlite, but I couldn't get it working.
sqlite3 ~/backup/iOS\ Files/TrustStore.sqlite3
sqlite3>.mode insert
sqlite3>.output working.sql
sqlite3>select * from tsettings;
sqlite3>.quit
Now, working.sql has the entire contents of the tsettings table (in my case, 1 row).
sqlite3 ~/Library/Application\ Support/iPhone\ Simulator/6.0/Library/Keychains/TrustStore.sqlite3
sqlite3>INSERT INTO tsettings VALUES(X'...
sqlite3>.quit
Again, the above sqlite commands didn't work for me, but might be a good starting point for someone else. Copying the entire TrustStore.sqlite3 from the backup into the simulator worked just fine.
Take a look at the iostrust Ruby gem: http://github.com/yageek/iostrust
When I started I couldn't get "Enable Full Trust for Root Certificate" to show up. I was using the certs I generated for nginx with openssl.
What worked was exporting the development cert from Keychain Access and downloading that with Safari in the simulator. Then the "Enable Full Trust for Root Certificate" showed up and I was able to get my application working.
Also, like people above have said dragging and dropping the cert on to the simulator doesn't work anymore. You can download the cert with Safari.
I have created a new iPhone application.I have two mach machines. I have created the certificate for running application in iPhone in one mac. Can I use the other mac for running the application in iPhone. But when I try to do so I get an error "Codesign error:Code signing is required for product type "Application" in SDK Device iPhone OS 3.1.2. Please some one help me.
Regards,
krishnan.
Have you transferred your credentials to the second Mac? They are stored in your keychain.
You may need to read up on how Code-signing works: http://en.wikipedia.org/wiki/Code_signing
Here's an overview:
Developer creates a Certificate via a Certificate Authority (CA)
This certificate is used to 'sign' the binary, providing 'proof' of who created it
Developer then uses the Certificate to sign the binary (this is the step you're missing on the second MAC)
This is handled via xcode, assuming you've followed the detailed steps on http://developer.apple.com/iphone
Clients using the binary can now verify the Certificate against a known CA to ensure the integrity of the build.
Also check that you are code signing on the target as well when you do the Archive build
Spent hours to figure this out. Actually you need to click on Project --> Build Settings --> click target --> code sign..
THIS IS not apparent