Xcode无法在您的钥匙串中为此配置文件找到有效的私有证书/有效密钥对 [英] Xcode could not find a valid private certificate/valid key-pair for this profile in your keychain
问题描述
我在安装其他开发人员创建的配置文件时遇到问题。
- 开发证书已存在
- 我正在使用的应用程式具有与凭证相关联的配置设定档
- 已添加我的设备UUID
- 应用程序的AppID已存在
- 开发供应配置文件存在,使用我的UUID
当我下载证书和配置文件时,我在管理器中收到错误:
Xcode在您的钥匙串中找不到此配置文件的有效私钥/有效密钥对
如何解决?
您还需要在请求证书时使用的私钥。 / p>
私钥是用于签署使用开发人员身份编译的每个设备二进制文件。您下载和导入的证书基本上只是您的私钥上的一个印记,使用此密钥签名的代码允许在设备上运行。
其他开发人员导出生成原始证书签名请求时使用的密钥,然后将其导入到您的计算机上。
查看钥匙串以查看密钥是否与证书正确配对一旦你有两个:
当一切正确到位时,你应该在你的证书上看到一个披露三角形,让你看到钥匙(反之亦然)您应该在密钥下看到证书)。否则,关系不正确,在导入期间不能被Keychain识别(在某些情况下,当导入更新的证书,而过期的证书仍然在钥匙串中时)。
我最近试图将iOS开发者证书的公钥/私钥对移动到另一台机器。公共文件使用Keychain Access导出到.pem,私人文件导出到受密码保护的.p12。
在另一台机器上,Keychain Access不会导入它们。解决方案是好的旧命令行:
安全导入ios_priv.p12 -k〜/ Library / Keychains / login.keychain
security import ios_pub.pem -k〜/ Library / Keychains / login.keychain
编辑以回复@ baudot的注释。
确保您的钥匙串中还有Apple开发人员关系根CA证书。这是用来验证凭证。
您也可以选择一个新的开始。只需从您的钥匙串中删除密钥和证书,在ADC门户上撤销它们并删除它们相关的配置文件。
一旦您删除了所有内容,就可以生成一个新的密钥对和相关的证书签名请求。
然后,您转到ADC门户,上传您的新证书签名请求,生成新密钥
唯一不可替代的是您的ADC帐户。所有其余的都可以恢复或重新创建。
我也建议你使用Xcode中内置的新的自动配置。这样可以节省下载和导入配置文件的麻烦。它只是将现有的与ADC同步。
Possible Duplicate:
Xcode - iPhone - profile doesn’t match any valid certificate-/private-key pair in the default keychain
I'm having a problem installing a provisioning profile created by another developer.
- Development Certificate already exists
- App I'm working on has a Provisioning Profile associated with the certificate
- My device UUID has been added
- AppID for the app already exists
- Development Provisioning Profile exists, with my UUID
When I download the Certificate and Provisioning Profile I get the error in Organizer:
Xcode could not find a valid private certificate/valid key-pair for this profile in your keychain
How can I resolve?
You also need the private key that was used when requesting the certificate.
The private key is what is used for signing every device binary you compile using that developer identity. The certificate you download and import is basically just a stamp on your private key saying "code that is signed using this key is allowed to run on a device".
Have the other developer export the keys used when generating the original certificate signing request and then import them on your machine.
Look in Keychain to see if the key is correctly paired with the certificate once you have both:
When everything is correctly in place you should see a little disclosure triangle on your certificate which lets you see the key (and vice versa on the key page where you should see the certificate under the key). Otherwise the relationship is not correct, not recognized by Keychain during import (I have seen this in some cases when importing a renewed certificate while the expired one was still in the keychain).
I was recently trying to move the public/private key pair for an iOS developer certificate to another machine. The public file was exported using Keychain Access to .pem and the private file to a password protected .p12.
On the other machine Keychain Access would not import them. The solution was the good old command line:
security import ios_priv.p12 -k ~/Library/Keychains/login.keychain
security import ios_pub.pem -k ~/Library/Keychains/login.keychain
So try this if you have problems transferring the keys for your certificate.
EDIT to reply to @baudot's comment below. (It wouldn't fit in a comment)
Make sure you also have the Apple Developer Relations Root CA certificate in your keychain. That is what is used to verify the certificate.
You could also opt for a fresh start. Just delete the keys and certificates from your keychain, revoke them on the ADC portal and delete their associated provisioning profiles.
Once you have removed everything you can generate a new key pair and associated certificate signing request. Then make sure to export the keys and stash them in a good place for the future.
Then you go to the ADC portal, upload your new cert signing request, generate new provisioning profiles and you are good to go.
The only irreplaceable thing is your ADC account. All the rest can be restored or recreated.
I would also recommend that you use the fancy new automatic provisioning built into Xcode. That saves you the headache of downloading and importing the provisioning profiles. It simply syncs your existing ones with ADC.
这篇关于Xcode无法在您的钥匙串中为此配置文件找到有效的私有证书/有效密钥对的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
