How to convert a .cer file to .p12 without the keychain password?

keychain certificate ipa

Private Key

You will need the password for the Keychain to export the private key associated with the certificate.

Alone the certificate can not be used to sign. You need the private key as well.

The private key was probably created along with the original CSR (certificate signing request) sent to Apple. By default, the private key is stored in the user's Keychain.

  • The certificate is public and often stored in an unencrypted .pem file.
  • The key is private and often stored in the Keychain or an encrypted .p12 file.

New Certificate and Key

You can ask Apple for a new signing certificate, using a new private key and CSR. This does not require administrator access or access to the existing Keychain. You will need access to the online Apple Developer account of the company.

As a precaution, consider creating a separate Keychain for the company - marked as Default while creating the CSR. The private key will then be saved into the separate Keychain and can be passed to codesign as an absolute path with the --keychain flag. You can also store the certificate in this Keychain file.

Related

Can I boot from an external drive with hardware encryption?
Hide name of the user and computer name from terminal window title
Where does a large file go when I delete it from a volume?
PBS not working on Apple TV. Other channels are fine
In OS Catalina make a account Standard
Unlock iPhone X while screen is broken and won't turn on?
Merge svg files into PDF
Modify terminal .command file to run on multiple files
Many websites not opening from a certain WiFi connection
How to enable multiple words on Quicklook search?
How can Windows be installed to a Mac via Boot Camp in BIOS Boot mode?
Unable to edit config.inc.php in the phpmyadmin configuration