I have the following problem which I could not find a solution for anywhere. Basically, we have a company developer account (not enterprise) and so in order to submit our app, I requested from our team lead to send me the distribution certificate and create and send me a distribution provisioning profile. With the developer profile, everything works good, but when I installed the cert and the provisioning profile, I did not see the distribution profile on Xcode, and nor do I have a private key under the dist cert in the keychain. Does anyone know how to solve this? I read in diff places that I will need to revoke the certificate and create a new one, but I can't really do that since we have a bunch of apps in the company and I can't revoke it for everyone.
35.6k 19 19 gold badges 182 182 silver badges 309 309 bronze badges asked Oct 12, 2012 at 22:18 moshikafya moshikafya 3,280 5 5 gold badges 23 23 silver badges 27 27 bronze badgesSometime Private key is missing because we are trying to create Certificates with .CSR which were created on any other machine. So , make sure , your CSR file should also created on same machine where you are trying to create and install certificate..or you could use .p12 of certificates to avoid this issue
Commented Apr 12, 2019 at 7:59In my case I have two identical signing certificates in my keychain. It solved simply deleting one of them. Just in case.
Commented May 31, 2019 at 9:09
Ahh this is a common issue, The solution is simple:
Who ever created the developer credentials originally needs to go to the keychain on their computer and right click on the key(s) for private and public and export the key to a file. Then you just download that file on your computer and open it, and it will be added to your keychain.
You need to have both the private key (.pem file) and the certificate for your provisioning profiles.
answered Oct 12, 2012 at 22:25 5,750 4 4 gold badges 37 37 silver badges 47 47 bronze badges To be more specific it's the .p12 file you need (exported) Commented Oct 12, 2012 at 22:28@Nirma What to do if we don't have access to that computer from which developer credentials were originally created.
Commented May 11, 2018 at 12:56@NishadArora You'll have to create a new key to use. There's no way to use it without the the private key. AFAIK
Commented Jan 15, 2019 at 17:25 @Nirma How to create New one Commented Mar 28, 2019 at 11:51If it helps anyone, after having the public cert and private key installed (checked in Keychain Access and it was showing) I also had to restart Xcode to get it pick up the private key. Using Xcode 11.6 on OSX 10.15.5.
Commented Jul 20, 2020 at 11:36As long as you still have access to the mac which was used to generate the original distribution certificate it's very simple.
Just use that mac's Keychain Access application to export both the certificate and the private key. Select both using shift or command and right click to export to a .p12 file.
Attached a screenshot to make it very clear.
On your mac, import that .p12 file and you are good to go (just make sure you have a valid provisioning profile).
To add on to others' answers: If you don't have access to the private key anymore, it's fairly simple to get back up and running:
Here at my company is always a mess, nobody knows in which computer was created a certain certificate. Is just better to revoke and recreate
Commented Aug 28, 2014 at 16:19@user2387149 I'm here 6 years later to suggest CI/CD to do this kind of stuff and forget about distributon via xCode.
Commented May 19, 2020 at 22:21if i already downloaded a distribution certificate, then i revoked it then re request it again. should i remove the old distribution certificate?
Commented Jul 13, 2020 at 3:33 @kafinsalim yes, since it was revoked and not valid anymore Commented Feb 18, 2022 at 14:28 Also check "My Certificates" tab in keychain access, to view cert/key as pairs Commented Jul 6, 2023 at 12:15For those who are afraid of recreating a Distribution certificate, Apple's documentation says:
Important: Re-creating your development or distribution certificates doesn’t affect apps that you’ve submitted to the App Store nor does it affect your ability to update them.
However, it does affect apps built for the Apple Developer Enterprise ecosystem.
31.7k 21 21 gold badges 120 120 silver badges 161 161 bronze badges answered Aug 29, 2018 at 7:33 16k 8 8 gold badges 90 90 silver badges 109 109 bronze badges it does if you have an enterprise account! Commented Aug 29, 2018 at 17:29By "enterprise ecosystem system". For ex. are you talking about if you work in a large company and 100 developers have that private key for that specific app?
Commented Jan 17, 2019 at 3:30@petrosmm Yes. It is special account for enterprise. With this account you can not publish application to AppStore.
Commented Mar 16, 2022 at 5:30Delete the existing one from KeyChain, get and add the .p12 file to your mac from where the certificate was created.
To get .p12 from source Mac, go to KeyChain, expand the certificate, select both and export 2 items. This will save .p12 file in your location:
I lost hours and hours to resolve this issue, but it's fixed by just restarting MAC.
answered Aug 9, 2020 at 13:51 Muhammad Owais Muhammad Owais 1,148 3 3 gold badges 18 18 silver badges 39 39 bronze badges its woking for me Commented Jun 7, 2021 at 12:57 me too. instead i got it solved by restarting Xcode Commented Aug 23, 2021 at 23:48 It's 2022 and this is working on the latest XCode and MacOS Commented Apr 14, 2022 at 7:16 It's 2024 and this is working on the latest XCode and MacOS still 🤣🤟 Commented Mar 2 at 11:31In my case, I've lost all private keys in my keychain. New ones were imported correctly but they don't show the private key as well. The only thing that helped me was generating a new Certificate Signing Request.
31.7k 21 21 gold badges 120 120 silver badges 161 161 bronze badges answered Dec 23, 2014 at 14:18 JakubKnejzlik JakubKnejzlik 6,463 3 3 gold badges 40 40 silver badges 41 41 bronze badges In 10 years this answer helps me. Thanks a lot! Commented Jul 8 at 17:06After you changed a Mac which are not the origin one who created the disitribution certificate, you will missing the private key.Just delete the origin certificate and recreate a new one, that works for me~
answered Nov 21, 2017 at 2:34 Michael Yang Michael Yang 1,423 2 2 gold badges 18 18 silver badges 27 27 bronze badgesIf you are creating your own Distribution cert, not using someone else's then this could help.
Spent quite a bit of time on this today, issues from not being able to create a SigningRequest to generating a distribution cert and not having it attached to my private key in KeyChain Access. These steps helped solve this for me.
If you are still having issues, revoke your current cert and start fresh.
The Keychain Access > Certificate Assistant > Request a Certificate from a Certificate Authority is actually contextually aware of what you currently have selected when you launch it. Just to be sure that you aren't accidentally skewing your Request with some random selection, go to your Login Items and select the Apple Worldwide Developer item. Then launch the above Request and create the CertificateSigningRequest.certSigningRequest file.
I had an issue where my cert would auto-install into the System area, instead of the login area where my private key existed and this caused my key not to be linked to the new cert.
