I think I accidentaly deleted public and private keys from Keychain Access-> login -> keys. Now when I generate new certificates, I am not seeing these keys. May I know how to restore or re download these?
If you deleted the private key (and don't have a backup), then you need to login to your Apple Developer account, go to provisioning portal, revoke the current developer or distribution key and follow the steps to create new ones.
Note: You will have to re-download any app provisioning profiles you may have also created to use the new private key
Related
how do I create a Key-pair in the Secure Enclave, which I can access from the System Keychain?
For a internal project, I need a AD Certificate, where the private key should be stored in the SE. For this I write a Swift Application which generates a key pair in the SE and build a CSR from this.
Now I have created a AD Certificate out of the CSR. Because of the Keychain access groups I can't access private key.
Is there another way to create a key pair in the secure enclave where I can access the private key from the keychain? Or does anyone know how to connect with the Certificate to a company Wi-Fi / VPN?
I've got a weird situation here; I developed an app in 2011 using a macbook (private key: alida).. then a couple of months ago was having some problems migrating cert to another machine so just decided to revoke it and generate another certificate now using another set of private keys (francisco)
The situation is that now I have both certificates using two private keys in the keychain (and the old cert expired);
The question: is there a way to pair both priv keys (francisco & alida) with one certificate in the keychain? or I just have to left one of my apps behind? both apps I already in the Appstore;
Look hows my keychain (new machine) looks like:
Any suggestion on what should I do? is there any hope to fix this?
Thanks in advanced.
[edit]
another screenshots from the "my certificates" tab in keychain; so, basically I lost one my apps (no updates ever?) I think If thats the case, I will revoke current cert again and renew it with the keys from 2011 (first app generated) and forget the other one :/
In this context, keys come in pairs: (public, private). A certificate is just a file containing your public key plus some extra data including a "subject" which is information associating the public key to a specific person or entity (such as a DNS address) and, most importantly, a signature from a signing authority certifying (hence "certificate") that the public key is owned by the entity. These key-pairs are inextricably bound: there is no meaningful way to associate the private key from one key-pair to the public key/certificate of a different key-pair.
Normally, a signer (such as Apple in this case) will not generate two certificates with the exact same subject without revoking the earlier certificate first.
If you have an app at the iTunes store signed with a revoked certificate, it needs to be replaced with one signed by the newer, non-revoked certificate.
I think there is no way to pair both priv keys. You should now go with new priv key.
My distribution certificate is going to expire in few days. I have changed my system so I want to know that do I need the old private key to create new certificate signing requrest?
Also I wanted to know that is is necessary to use the same email ID that is used to create the developer account while creating new certificate signing request?
Thanks
If its already expired, don't worry about old certificates.
Else you need to export your private keys on your old system and then install your private key and profiles on your new machine.
I think its not mandatory to use same email ID to create new certificates.
No you do not have to know anything about your previous keys to generate new ones. Just follow the instructions in the portal, and generate new ones.
I am trying to get the public and private Key from a certificate which i have already installed on the iPhone. (It is shown unter Settings -> General -> Profiles)
I need this keys for encryption sensitive data. (RSA Algorithm)
Up to now i have found no way to get access to the keys.
Is it even possible ?
If not: What is the best possible way to realize my problem otherwise ?
Thank you for all helpful answers.
1.) You can't get the private key of the profile for the simple reason, that your private key is not stored in the profile, it is only signed with it.
Instead consider getting familiar with the Security.framework. This post should give you a start
I just downloaded iphone sdk 4. when I try to install on the device I get
"Code Sign error: The identity 'iPhone
Developer' doesn't match any valid
certificate/private key pair in the
default keychain"
I have gone through the process of creating a provisioning profile and cert through iphone Development Provisioning Assistant. However, after installing the profile and cert the assistant asks to check whether public and private key are paired (surprisingly, it shows a pic of what seems to be a private key and cert being paired, i.e. the cert is 'under' private key in hierarchical terms. This is not the case in my keychain. Public key, private key and cert are there but there doesn't seem to be any associations.
Does anyone know how to pair a private key and certificate in keychain please this please?
ps. I have checked this thread but I'm hoping there's an easier way.
iPhone app signing: A valid signing identity matching this profile could not be found in your keychain
I wrote a wiki page (here) that describes how to export your certificate and private key pair. It's intended for my iOS development clients to send me their ad-hoc, but I believe it will solve your problem, too. The key is to make sure that you export the certificate and private-key PAIR all in one go -- not as two separate exports.
Hopefully, the screenshot near the bottom of that page will help out.