How do you remove a certificate that you've uploaded for a customer account data api app? I have the option to add a new certificate and an option to change the certificate, but no option to delete.
I accidentally uploaded a cert to the wrong app and I don't want to leave it there.
Your existing cert will be replaced with the newly uploaded one. So, you don't need to delete the cert.
Related
My application implements SSLPining with leaf certificate. And it's about to expire.
I researched and got the answer:
Some time before the certificate expires, release a new version of your app with a replacement cert in the pin list, as well as the original cert
How can i add both replacement cert and original cert to my project?
I just need to add a new certificate with any name and Will Alamofire go through all the certificate files I declare and if any match will it allow the connection?
Thanks
Yes, that will work. Alamofire's PinnedCertificatesTrustEvaluator gathers all certificates from the main bundle by default and checks to see whether the certificate received is within that set. So as long as both certificates are within that set, either of them should work.
I need to remove the ILB Certificate that was set on the Internal Load Balancer App Service Environment (ILB ASE)
There is no remove or delete option in the GUI, and i cannot seem to locate any Powershell, or Azure CLI commands for removing only the ILB Certificate
I do not want to make any other changes to the ASE, as i already have several Apps and configurations set
You go to the Resource Group, mark "Show hidden types" and delete the cert as you would do with any other resource.
ILB certificate is required for an ILB ASE to run and that is why you cannot find the remove button.
You can update that certificate by "update ILB cert"
You can try to set cert name to null in cluster setting. Please check Resource Explorer > Hosting Environment endpoint
You could try this method:
Go to Azure resource portal (https://resources.azure.com ) and navigate to subscriptions --> specific subscription --> providers --> Microsoft.Web --> certificates. You will see the certificates. Click the specific cert which you want to remove and delete it directly here. Make sure you have enough permission to do this.
Update
Just click the read/write in the top of Azure resource portal to change to read/write mode, then you can delete the cert. I am an owner role in the IAM of ASE. I can remove the cert after I upload a self-signed cert in the ILB cert.
I'm stuck with my app. I can't upload it to iTunes because, after the "Archive" step when I have to choose an application record and a Code Signing Identity it says:
"My Name" is a valid identity. However, the associated package identity "My Name" has expired.
Looking in the popup menu of Code Sign Identity I notice that the problem comes from the "MyProgram_production" certificate, and in fact in the provisioning portal, when I go to create the developer certificate profile for Production I get this error:
You must have a valid Mac Application Certificate to create a Provisioning Profile.
But I already created a valid provisioning profile, as you can see in the image it is there, but the expired one is also there.
My problem is that in the certificates page of the Apple site, the old expired one is not there. There are some old certificates but I have no chance to delete them:
What can I do about this?
After 2 days of total desperation... (I should be used being an Apple Dev for some years now...) I finally resolved my problem...
For who is having the same difficulty the problem was I could not see the expired certificates in my Keychain Access and that is because there was the (strange) option "Hide Expired Certificates" in my comp... I changed Mac and had no idea there was this option...
Why someone should want to hide an expired certificate and not just delete it???
Anyway deleting the expired certs and doing all the certificates again on Apple site did the trick!
You have to revoke and have to create new certificate. It clearly says "You must have a valid Mac Application Certificate to create a Provisioning Profile. So you have to generate valid certificate starting from keychain.
I am trying to create certificates that will allow me to send push notifications on my device and I am total lost. I have used certificates for BETA and distribution but adding push notification is pain.
When I do create certificates for BETA testing, I do the following steps.
From keychain, Request a certificate from a certificate authority.
In Apple Provisioning Portal under Certificates, create a certificate uploading file keychain file.
Assume APP ID is created perfectly and devices are ready.
In Apple Provisioning Portal under Provisioning, I create a new profile and download mobile provisioning file to add to the XCode organizer.
That above steps works and I can BETA test. Now in order to enable push notification, I have setup server which is tested with push notification and is 100% working. When I configure for push notification, I need to upload keychain file. Is that the same file I uploaded under Certificates? There is a file in return which I double click and it gets added to the keychain, am I doing it right?
If I understand your question correctly, the answer is no, it should not be the same file. I'll explain the entire process in detail and hopefully that will clarify the situation (and what you need to do next).
When you enable push notifications, you need to do four things:
Create a private/public key pair.
Create a certificate signing request (CSR), signed with your private key.
Submit the CSR to Apple and download a signed certificate.
Create a file containing your certificate and private key, for validating each APN request.
Some points:
I recommend you use different keys for development (sandbox) and production APN. You can re-use the keys if you are sending notifications to different apps, but it is safer if you don't re-use keys between development and production.
The file you "submit" to the provisioning portal is the certificate request. You will have one CSR file for each certificate. You will create a two CSR for each app (bundleID); one for development, one for production. The CSR created with your development key should be submitted for development and the CSR created with your production key should be submitted for production.
Note: Keep the CSR files. You don't have to have them, but it will save you some time when you need to re-send the certificate requests.
After submitting your CSRs, you will be able to download the actual certificates. They aren't ready immediately, so give Apple a minute or so and then refresh your browser. The difference between the CSR and a certificate is important: the certificate is signed by Apple; it validates your ability to send push notifications. Download the certificates and load them into your keychain (double clicking is fine).
Note: the certificate is useless without your private key; so you will need to safely export your private key if you switch computers.
Any computer sending an APN request will need both the private key and the certificate. You can export them as a single .p12 file using Keychain Access. (I name mine MyAppCertKey.p12 to indicate that the file contains both the certificate and the key.)
Last, I wrote up a detailed explanation on testing / verifying communication with Apple's servers (from the terminal). It's a little complicated since you need to have some root certificates set up for openssl to validate against; however, it will tell you if you are communicating correctly with the servers, without requiring any work on the receiving app itself.
Couldn't able to connect to APNS Sandbox server
Hope that helps.
I'm creating a new CSR (Certificate Signing Request) using the Keychain Access tool:
Certificate Assistant -> Request a certificate from a certificate authority...
In the certificate information I fill in my email address and name,
selecting the "Save to disk" option.
I save the CSR to the desktop
The wizard completes successfully, but no file is saved to disk!
I've done this before, but this time it just isn't working. I tried restarting the
Keychain tool, restarting the computer, no luck.
Any ideas?
You have an existing private key selected in the main window of Keychain Access. That is also why it says "Request a certificate from a certificate authority using {some id}" in the menu. Deselect the private key by selecting something else, and then it will work. Apple if you're reading this, you need an error message at the end of the sequence described above.
I had the same problem. I noticed (after reading the first answer above), that I had the Keys category selected. I then selected the Certificates category, ensured I did not have any of the available Certificates selected, and I started my request and this time it worked like a charm.
Had the same problem. Here's the solution (for me at least).
You can have only one developer certificate installed on one machine - delete your old certificate from the keychain and you will be able to create the new one normally.