4

I've been over this more than 10 times now, but I still can't seem to get the .p12 file I need to publish my app.

On the developer platform from Apple, I already have a development certificate. I'd download that and have it in my finder:

Image 1

I'd double click to open it and this would open my keychain access to show me the certificate:

Image 2

I noticed that I can't collapse the certificate to find the private key. Also did I notice that my certificate is located in the Certificates folder and not in the My Certificates folder.

So whenever I rightclick the certificate and try to export it, I'll only get the option to export a .cer, .pem or .p7b file.

What am I doing wrong here and how can I get my .p12 file?

Improve this question

1 Answer 1

Reset to default
10

You need the private key corresponding to the certificate; without that, you cannot create a .p12 file or use the certificate to sign your app. The private key is not included in a .cer file, and it's impractical to compute it from anything in the .cer file.

The private key should have been created when you created the certificate; exactly where it was stored depends on the exact process you used to create the certificate. If you used Xcode, it should be in the keychain on the computer you created the cert on. If it's been deleted or lost, you'll need to create a new signing identity. From Apple's article on Maintaining Your Signing Identities and Certificates:

Because the private key is stored locally on your Mac, protect it as you would an account password. Keep a secure backup of your public-private key pair. If the private key is lost, you’ll have to create an entirely new identity to sign code. Worse, if someone else has your private key, that person may be able to impersonate you. In the wrong hands, someone might attempt to distribute an app that contains malicious code. Not only could that cause the app to be rejected, it could also mean your developer credentials could be revoked by Apple. Private keys are stored only in the keychain and can’t be retrieved if lost.

A .p12 file is a good form of backup, since it includes both the private key and the certificate (which includes the public key). But if you've lost the private key and don't have a backup, it's gone and you need to start over.

Improve this answer
6
  • Thanks, that helped alot! Definitely the answer I was looking for!
    – Jordec
    Commented Jun 6, 2016 at 8:16
  • I have the private key. I see the cert and the key in my keychain. But when I want to export, the option is grayed out. Any thoughts?
    – Honey
    Commented Dec 12, 2020 at 21:13
  • @Honey Do the cert & key show up as associated if you select "My Certificates" in the lower left sidebar of Keychain Access? If so, try exporting it from there. If not, then Keychain Access doesn't think/realize they go together (but I don't know why not).
    – Gordon Davisson
    Commented Dec 12, 2020 at 21:53
  • They show associated from the 'My Certificates' section. Still it's grayed out
    – Honey
    Commented Dec 12, 2020 at 21:58
  • @Honey Wait, is the .p12 format option greyed out, or is the entire "Export Items" menu option greyed out? In either case, I'm not sure what would cause it, so I'd ask a new question about it. Ask Different would probably be a better place to ask, since it's very Mac-specific issue.
    – Gordon Davisson
    Commented Dec 12, 2020 at 22:03

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .