This certificate has an invalid issuer - McMap

About

This certificate has an invalid issuer

Asked 3/7, 2013 at 16:33 Answered 3/7, 2013 at 20:46

Solved xcode macos certificate keychain certificate-authority

P

1

7

Our distribution certificate for an enterprise ios app is expiring soon, so we made a second certificate in order to build a new, not expiring version of the app. I created a new certificate using keychain access just like I've done before (3 years to expire instead of one... woo hoo). Since I named it the same as the old certificate, I exported the old one and saved it out on our fileserver then deleted the old certificate from the keychain.

I managed to archive the app with the new provision profile that uses the new certificate. But, when I go to create the ipa file to test the distribution it can't find any valid provisioning profiles.

When I checked the certificate in the keychain, it now shows as "This certificate has an invalid issuer" instead of "This certificate is valid".

I have the private key and it is showing just fine on the apple developer site... so I'm not sure why it's saying there's an issue with the issuer. Has anyone else seen this before? Or do I just need to clear everything ahead of time and then make yet another certificate/provisioning profile for the app?

Pyriphlegethon answered 3/7, 2013 at 16:33 Comment(8)

What do you see in keychain access? – Vanderbilt 3/7, 2013 at 17:30

In keys I see the private key that I added and the public key. The certificate attached to the private key's status is "This certificate has an invalid issuer" in red text with an x icon (as opposed to "This certificate is valid" in green with a check). Looking at the certificates shows the same information, but it shows the certificate with the error with the private key attached. – Pyriphlegethon 3/7, 2013 at 18:2

Have you recently changed your keychain password or deleted it when prompted to change your password? I created a headache for myself recently where I was prompted to change my password on my macbook and instead of "updating" the keychain i "removed/deleted" the keychain rendering my previously valid cert as invalid. – Vanderbilt 3/7, 2013 at 18:7

To my knowledge the password hasn't changed or been deleted. I'm not the only person that uses the mac though. It has definitely not been changed since I added the new certificate. – Pyriphlegethon 3/7, 2013 at 18:12

something is fouled up... what happens if you perform another CSR song & dance on the dev portal from that box again? If the CSR already exists the portal should stop you. Whatever you do (and I'm sure you know this) don't delete/revoke the original Dist Cert out of the dev portal. – Vanderbilt 3/7, 2013 at 18:16

Ok, exported the certificate and imported on another mac. Successfully built the ipa and deployed it to a device. I'm going to try clearing the keychain later today and see if that fixes the issue for the original mac... if anyone knows why a keychain would reject a valid certificate that was created on that mac using keychain access... let me know so I can avoid it in the future. – Pyriphlegethon 3/7, 2013 at 19:57

I'd love to throw a solution up there for a quick checkmark but i really don't know what the deal is there. what happens if you re-import it back to the original mac? – Vanderbilt 3/7, 2013 at 19:59

If you right-click on the private key what are the Access Control permissions under Access Control? – Vanderbilt 3/7, 2013 at 20:9

P

0

Well, it suddenly started working later in the day. I have no idea what caused the original issue.

If you have multiple macs, you can export the certificate and import it on another machine. That worked for me.

If you only have access to the one mac... wait four hours, cross your fingers and try again?

Pyriphlegethon answered 3/7, 2013 at 20:46 Comment(0)

Recommended topics

#Godot #Unity #Godot 4.X #Mongodb

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

© 2022 - 2024 — McMap. All rights reserved.