我如何摆脱Apple Developer ID证书混乱 [英] How do I get myself out of Apple Developer Id Certificate mess
问题描述
免责声明,我是Java开发人员,而不是Apple开发人员,因此很少使用Apple专用工具.
Disclaimer, I am a Java developer not an Apple developer and therefore only use Apple specific tools very rarely.
我开发了一个Java应用程序,并在命令行中以如下方式使用Apple Developer Id证书对其进行签名
I develop a Java application, and as part of my build from the command line I sign it with an Apple Developer Id certificate as follows
export CODESIGN_ALLOCATE="/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate"
/usr/bin/codesign --sign "Developer ID Application: P Taylor" --force --deep --verbose /Applications/SongKong.app
/usr/bin/codesign --verify --deep --verbose /Applications/SongKong.app
不幸的是,当我今天尝试构建时,由于证书在几天前过期而出现错误,它最初是5年前创建的.
Unfortunately when I tried to build today there was an error because the certificate had expired a few days ago, it was originally created 5 years previously.
因此,我续签了Apple Developer会员资格(该会员资格也已经过期),并最终找到了一种使用 KeyChain 来创建CertificateSigningRequest.certSigningRequest文件的方法,然后将该文件上传到Apple并生成了developerID_application.cer文件.我打开了它并将其添加到KeyChain
So I renewed an Apple Developer membership (which had also expired) and eventually found a way using KeyChain to create a CertificateSigningRequest.certSigningRequest file which I then uploaded to Apple and it generated a developerID_application.cer file. I opened this and it was added to KeyChain
然后我重新运行我的构建,但是失败了,因为它现在找到了两个证书
I then rerun my build, but it failed because it now found two certificates
然后我删除了旧的过期证书并重新运行,这一次,我似乎不得不通过输入KeyChain密码来授予使用证书的权限.不幸的是,这似乎与我的主要Mac密码不同,因此我最终不得不强制退出并重新启动.
I then deleted the old expired one and reran, this time it seemed I had to give access to use the certificate by entering my KeyChain password. Unfortunately this does not seem to be the same as my main Mac password and hence I eventually had to ForceQuit and reboot.
为了重置KeyChain密码,我按照在线步骤操作
In order to reset KeyChain password I followed steps online to
Open KeyChain Access
From the KeyChain Access menu, choose Preferences.
Click General, then click Reset My Default KeyChain.
然后我重新运行我的构建,但是尽管证书似乎在那里,但它报告未找到身份".我想是因为创建了新的KeyChain,所以我删除了我的个人身份(这是证书颁发机构吗?).
I then reran my build but although the certificate seems to be there it reports 'no identity found'. I think because having created a new KeyChain I have removed my personal identity(is this Certificate Authority ?).
所以现在我只有开发人员ID证书,而没有其他部分,也不知道该怎么办.
So now I only have a the Developer Id certificate but the not the other parts and don't know what to do.
问题1 :当我选择重置我的默认钥匙串时,它说旧钥匙串保存在某个地方,所以我的第一个问题是我是否可以再次将其设为默认值可能有一种方法可以实际重置密码,或者我将能够猜到它.
Question 1:When I selected Reset My Default Keychain it said the old keychain was kept somewhere, so my first question is can i make that the default again and then possibly there is a way to actually reset the password or perhaps I will be able to guess it.
问题2 :如果我不能执行Qu.1,该怎么做才能重新创建我现在缺少的个人证书部分.请记住,这仅仅是因为用户可以在我的Mac上安装我的软件,而不会收到有关不受信任的开发人员的警告.
Question 2:If I cannot do Qu.1 what do I need to do to recreate the personal certificate part that I am now missing. Remember the whole point of this is simply that users can install my software on their Macs without getting warnings about untrusted developers.
推荐答案
好,我解决了这个问题,我遵循了这些说明,以便基本上恢复我以前的钥匙串
Well I resolved it, I followed these instructions in order to restore my previous keychain, basically
- 在 KeyChain访问中,选择删除钥匙串登录" ,并确保在出现提示时选择 Delete References ,而不是 Delete References&文件.
- 打开 Finder ,然后转到文件夹〜/Library/Keychains
- 将 login.keychain 重命名为 login.keychain.old
- 将 login-renamed-1.keychain 重命名为 login.keychain
- 在 KeyChain访问中,选择添加钥匙串",然后选择 login.keychain 文件
- 重新启动 KeyChain访问以查看正确的结果
- In KeyChain Access select Delete Keychain "login", and ensure choose Delete References when prompted, not Delete References & Files.
- Open Finder, and go to Folder ~/Library/Keychains
- Rename login.keychain to login.keychain.old
- Rename login-renamed-1.keychain to login.keychain
- In KeyChain Access select Add Keychain and select the login.keychain file
- Restart KeyChain Access to see the correct results
但是后来我仍然遇到一个问题,当我尝试签名时,系统提示我输入KeyChain密码,但我不知道.....
But then I still had the problem that when i tried to sign I was prompted for KeyChain password and I didn't know it.....
但是在 KeyChain Access 中,我去了 Edit:更改钥匙串登录"的设置 并输入我认为的旧密码和新密码,即使我使用密码对其进行签名失败,它也接受了更改
However in KeyChain Access I went to Change settings for keychain "login" and entered what I thought was old password and new password, and it accepted the change even though when I used the password to sign it failed
然后我运行登录并在出现提示时输入新密码并被接受.
I then ran sign and entered the new password when prompted and it was accepted.
我验证了签名,上载了版本,下载,安装并运行了该版本,以确保该版本没有问题,而且还不错.因此,我希望这个答案可以帮助其他非Apple开发人员在他们的工具上苦苦挣扎
I verified signature, uploaded build, downloaded, installed and ran to ensure there was no problem with the build and it was fine. So I hope this answer helps other non Apple developers struggling with their tools
这篇关于我如何摆脱Apple Developer ID证书混乱的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!