Can't seem to export a p12 file

macos certificate

I've been over this more than 10 times now, but I still can't seem to get the .p12 file I need to publish my app.

On the developer platform from Apple, I already have a development certificate. I'd download that and have it in my finder:

Image 1

I'd double click to open it and this would open my keychain access to show me the certificate:

Image 2

I noticed that I can't collapse the certificate to find the private key. Also did I notice that my certificate is located in the Certificates folder and not in the My Certificates folder.

So whenever I rightclick the certificate and try to export it, I'll only get the option to export a .cer, .pem or .p7b file.

What am I doing wrong here and how can I get my .p12 file?


Solution 1:

You need the private key corresponding to the certificate; without that, you cannot create a .p12 file or use the certificate to sign your app. The private key is not included in a .cer file, and it's impractical to compute it from anything in the .cer file.

The private key should have been created when you created the certificate; exactly where it was stored depends on the exact process you used to create the certificate. If you used Xcode, it should be in the keychain on the computer you created the cert on. If it's been deleted or lost, you'll need to create a new signing identity. From Apple's article on Maintaining Your Signing Identities and Certificates:

Because the private key is stored locally on your Mac, protect it as you would an account password. Keep a secure backup of your public-private key pair. If the private key is lost, you’ll have to create an entirely new identity to sign code. Worse, if someone else has your private key, that person may be able to impersonate you. In the wrong hands, someone might attempt to distribute an app that contains malicious code. Not only could that cause the app to be rejected, it could also mean your developer credentials could be revoked by Apple. Private keys are stored only in the keychain and can’t be retrieved if lost.

A .p12 file is a good form of backup, since it includes both the private key and the certificate (which includes the public key). But if you've lost the private key and don't have a backup, it's gone and you need to start over.

Related

Delete Local Accounts with Powershell Script
Assigning audio device output on an application level in Windows? [duplicate]
Allow a UNIX group access to only a single file through SSH
Free Partition Migration Tool [closed]
Since Windows 8.1 Cannot Access Network Shares on Windows Home Server 2011
Setting VPN to go through certain IPs and not others
Prevent cut and paste from/to RDP client
Finding out what the hijackers are doing/have done while in control of my router
Alternatives to Windows-builtin checkdisk utility for NTFS?
Can't map certain port and path with hosts file
Accidentally told Chrome to ignore Protocol Handler?
Hidden cells also get changed when I try to change a filtered cell