I have some code which runs fine in simulator, but when I try to build for iPhone, I get a cryptic error:
CodeSign /Users/.../myApp.app (1 error)
error: CSSMERR_DL_MISSING_VALUE
That's it. No other references.
Sounds like it's something about my code signing privileges, but what exactly? My private key, certificate and provisioning profile should be OK, but this happens with all apps, so it's not app specific. I tried reinstalling the provisioning profile, but to no avail. What should I do to get rid of this error and make code sign work again?
Ok, this is a weird one:
I had a smart card reader connected, with a smart card with a private key and certificate on it, that I use for some signing and authentication operations. It has nothing to do with Xcode, but apparently this smartcard confused Keychain enough to spit out this error. Disconnected the card reader and signing works again as expected.
Related
I've been living the nightmare of trying to submit an app to the iTunes store... The newest massive waste of time is an error message that I get when I try to validate or distribute my archive from the "organizer".
The exact message is:
My Xcode is version 4.3.2. I'm pretty sure my WWDR is installed, because this has never been an issue before. I also tried to re-install it just to be safe.
The most frustrating/confusing part is that I JUST submitted my app successfully two weeks ago and nothing was changed. My app was rejected for meta-data reasons. I fixed those issues, re-installed one of my plugins, and now this.
Any suggestions? Even a link to some helpful documentation would be great. I've found the Apple developer docs extremely confusing and UN-helpful.
EDIT1:
I think I may have gotten closer to the problem. I changed some of the build settings and now my build fails with this error:
Code Sign error: Certificate identity 'iPhone Distribution: [my name]' appears more than once in the keychain. The codesign tool requires there only be one. I want to fix this but I'm not clear on which code signing profile should be set where. There are different settings depending on whether I click the "project" icon or the "target" icon and each of those has four different choices. Do all of these require code signing? Can anyone give me an example of a working configuration?
EDIT2:
I think I maybe found the problem. There is a small note that says my Distribution profile has no provisioning portal. I've been downloading and installing new .mobileprovision files but they all say "Developer". I think just need to figure out to download a new distribution profile.
SOLUTION:
Thanks to some pointers from Saad (see below), I figured out what was wrong. I was using the auto-select option for code signing, and the only distribution profile had an invalid provisioning profile. This happened very quietly, and I'm not sure why. I only noticed it when I went back into the provisioning portal to create a new distribution profile. After installing this, everything works.
your provisioning profile is not properly set
Code Sign error: Certificate identity 'iPhone Distribution: [my
name]' appears more than once in the keychain. The codesign tool
requires there only be one.
Open Applications > Utilities > Keychain Access and search for your Distribution certificate. Sometimes the Xcode Organizer decides to generate a new certificate for you and invalidates your old one, but does not remove it from your keychain. Remove the expired/older certificate and quit/re-launch Xcode (make a backup first, in case, by dragging to Desktop or Exporting). That should at least clear up part of your problem.
As for the provisioning profile, if that still is a problem, I'd manually go into the iOS development center and download the App Store Distribution Provision Profile for your app, removing all other provisioning profiles, until you figure this out. Quitting and relaunching Xcode when dealing with certs/provisioning profiles is something I've always had to do.
project identifier and your profile identifier must match
XCode is giving me the above error. This is my first experience with, what I'm assured is, the "easiest platform to write code with, ever".
The response in Code Sign error: The identity 'iPhone Developer' doesn't match any valid certificate/private key pair in the default keychain of making sure the "Debug" and "Release" (which I assume means "Distribution") are the same did not help.
I don't see a program portal portion off http://developer.apple.com on signing in, as I should according to Code signing error: Doesn't match key pair in default keychain.
I also found https://webbuilders.wordpress.com/2009/12/25/code-sign-errors-profile-doesnt-match-any-valid-certificateprivate-key-pair-in-the-default-keychain/ whose steps I followed and it still doesn't want to build.
Welcome to a special new bottomless source of frustration! Coding for iOS is great—once you get the hang of it, Objective-C is a great language and UIKit has (for the most part) really well-built frameworks with clean, intuitive APIs. But using Xcode to get your code running on your device can be a miserable experience that tries your patience and sanity, presenting you with unintelligible, random errors for no apparent reason, even when the same thing worked yesterday. Believe it or not, provisioning (the process of signing your app with a developer key so that it's allowed to run on the device) isn't as bad as it used to be, because Automatic Device Provisioning takes care of a lot of the tedious setup bits now. See Technote 2250 for details:
https://developer.apple.com/legacy/library/technotes/tn2250/_index.html
Also, you did pay the $99 for the iOS Developer Program, right? You can't get a developer profile and deploy to your iOS device without that.
As stated ..i was trying to get a IPA file (for testflight.com) but without enroll int he developer program .... i got the same error. You need a certificate installed after enrolling.
From time to time, may iOS developers experience the problem of being unable to build their apps for deployment to a device because the Keychain seems to forget that their developer certificate is associated with their private key. Both the developer cert and the private key are present, but they don't show up "under" each other as they should.
Ditto for the distribution certificate. It can get disconnected from its private key and XCode will refuse to work.
Searching the web reveals dozens of versions of this question being asked here and elsewhere. The result is either "Hey, this morning it works!" or the thread goes dead and there's no answer. (Alternative to the former is "I rebooted and it works" or "I re-launched XCode and it works".)
The answers I previously received before were all "read Apple's exemplary and flawless documentation". Well, I've been there and I've done that. Like I said, this was all working fine and now it doesn't. Nothing changed. It does this 3-4 times per year. In the past I was one of those "I re-launched XCode and now it works" guys but this time no amount of dragging, dropping, relaunching, or re-booting will work.
I'm looking for suggestions.
I am not sure what is causing it for you, but I know one way to fix it. I just installed lion and went through the same thing. I simply went to the Apple Developer portal, deleted my developer certificate, followed their tutorial (which shows up when you create a new developer certificate). This basically had me generate a new CSR (Certificate Signing Request) in KeyChain. Uploaded the new cert, then had to go into my apps and make new dev profiles with the new certificate.
I'm trying to write an entry to the keychain, but it fails with a return code of -25243, the documentation only lists the "common" error codes and points you in the direction of "The Open Group" for help. I've downloaded the document but haven't got a clue where to look, the document is over 1000 pages long and just appears to list a load of #define.
Can anyone help?
There are some reasons why you could be seeing this error when running on a device. Both cases I have seen happen when attempting to store a value to the keychain using an access group.
Entitlements are not enabled
Entitlements ARE enabled, but the access group does not exist
To make sure you have all of these things set up properly:
Select your app target in Xcode
Select the Summary tab
In the Entitlements section, verify that the Enable Entitlements checkbox is checked.
Verify that Keychain Access Groups includes the group you are attempting to write to.
OK, the problem appeared to be that I was trying to store a value in kSecAttrAccessGroup, changed it to kSecAttrDescription and all is well
A little late but it's worth answering properly. This error occurs when attempting to use an access group with the keychain from the simulator.
Note this snippet from the GenericKeychain example.
#if TARGET_IPHONE_SIMULATOR
// Ignore the access group if running on the iPhone simulator.
//
// Apps that are built for the simulator aren't signed, so there's no keychain access group
// for the simulator to check. This means that all apps can see all keychain items when run
// on the simulator.
//
// If a SecItem contains an access group attribute, SecItemAdd and SecItemUpdate on the
// simulator will return -25243 (errSecNoAccessForItem).
#else
[genericPasswordQuery setObject:accessGroup forKey:(id)kSecAttrAccessGroup];
#endif
I ran into this issue recently, it turned out to be that I have multiple developer accounts and Xcode chose the "wrong" Developer Certificate to sign my debug build with. This certificate didn't belong to the same Developer as the App Id, so the app didn't have access to that Keychain group anymore.
Once I forced the code signing to use the right Developer Cert then the error went away.
Finally got MGTwitterEngine stuff to
compile (by setting the Header Search Paths to /usr/include/libxml2 iphoneos3.0/usr/lib/libxml2)
AND link (by removing the Twitter LibXML Parsers code and assigning a weak role to libxml2.2.dylib in Targets: Link Binary With Libraries).
But when I do a Build and Go to the iPhone (not the simulator), I get this error:
"This provisioning profile does not have a valid signature (or it has a valid, but untrusted signature)."
I have followed the official Apple Developer process of getting a certificate and provisioning, etc. Obviously, I did something wrong somewhere. Has anyone come across this problem or have any ideas on how to solve it?
Things to check:
In Keychain Access, make sure you have a code sign identity (public and private keys and a certificate titled "iPhone Developer: Your Name"
In your Info.plist, make sure your Bundle Identifier matches your App ID that you created in the dev portal
Make sure you installed the .mobileprovision (from Terminal> open x.mobileprovision)
In the dev portal, make sure your provisioning profile has your certificate, your App ID, and your device all enabled. If it doesn't, fix that and re-download and re-install your provisioning profile.
Follow the instructions very carefully when creating your Certificate. One time, in Keychain Access, when I went to Request a Certificate, I had something else selected in the list panel and so it created the wrong kind of certificate. Make sure nothing in the list is selected when you do this part.
Restarting Xcode may also work... (Work for me couple of times)
Troy It looks like the issue is you don't have a keypair that is tied to the provisioning profile installed. It's tough to tell for sure but that is my best guess.
If that is the case, I've been working in a similar situation - what you need is to either generate a private key using the iphone development portal under the same account your boss used and then add that new key to the provisioning profile you are building with.
OR
You can get your boss to export the key he generated when he created the provisioning profile - he can export it from keychain and give it a password that will allow you to install it but protect it from anyone else installing it.
I guess the fifth time's the charm. I basically deleted the certificate and the provisioning file, etc., and started completely over. Viola! Now for those pesky memory leaks! :-) Oh, Java, wherefore art thou, Java? (and your majic garbage collection!)
One of the things that I tried and worked for me was to reset the keychain access
http://support.apple.com/kb/TS1544