Login/Register
Unable to revoke Mac Certificates
Asked Answered
Solved xcodemacosmac-app-store
E

2

11

I was having some code signing problems and in a rash decision I decided to delete all my certificates and private keys and to start over. I read and understood that this would mean a lot of work to set things up again, but I didn't think this would create an irreversible situation:

  1. I have 10 un-revokable Developer ID certificates: 5 Developer ID Application certificates and 5 Developer ID Installer certificates, with different expiration dates (2017 to 2019).

  2. If I click the + button to add a certificate the radio button for Developer ID is unselectable (grayed out).

So, my problem is that I don't have the private key for these certificates, I can't revoke them, and I can't create new Developer ID certificates. One other thing: I'm the only member of the team.

I called Apple Developer Support and they weren't sure how to fix this. They said they'd have to get back to me.

Anyone else have any suggestions?

Thanks

Philip

Example answered 28/7, 2014 at 22:11 Comment(0)
E
12

Okay, in case anyone else missed this in the App Distribution Guide here's what I found:

You can’t revoke Developer ID or Passbook certificates using Member Center. Instead, send a request to Apple at [email protected] to revoke these types of certificates. If Apple revokes your Developer ID certificate, users can no longer install applications that have been signed with that certificate. Instead of revoking a Developer ID certificate, you can create additional Developer ID certificates using Member Center as described in “Requesting Additional Developer ID Certificates.

I didn't realize 5 Developer ID Application and 5 Developer ID Installer certificates were the limit. Hopefully, Apple will revoke them for me.

Example answered 29/7, 2014 at 1:57 Comment(4)
Were you able to get a hold of Apple to have your certificates revoked? If so, how long did it take for them to respond? What information about the certificates did they need to revoke them (expiration date, serial number, etc.)?Premeditation
Apple would not revoke them. In the end, they decided to let me create a few more.Example
I recently emailed [email protected], and they instructed me that they can only revoke certificates if there's a security concern around it. They advised talking to someone who is developer-facing instead to work out the issue.Narva
Yes, I also asked [email protected] and they said they won't revoke them - you need to ask Developer Support, who in turn claim to not be able to revoke them. Maybe adding to your allocation is the only way.Befuddle
I
4

I got some extra certificates also (5). It took about two weeks and various emails to and back from Apple support, but I got them in the end.

Its very important when creating your new certificate using KeyChain to immediately backup the private and public keys that are created with your name when you do the "Request a Certificate from a Certificate Authority" stage within the KeyChain app. This will enable you (hopefully anyways) to re-use your developer id certificates when you change machine.

I deleted all private and public keys in my name (again using the KeyChain app) prior to doing this step so to reduce confusion but that may not be necessary and might even be unadvisable.

Insensate answered 8/3, 2015 at 17:30 Comment(4)
Which Apple email address did you write to request new Developer ID certificates?Brightman
I emailed [email protected] .Insensate
Thanks. For what it's worth, [email protected] won't give me new certs... they're directing me to "please contact Apple Developer Connection at developer.apple.com/support."Brightman
And also, FWIW... almost 4 years later and I've been dealing with this problem for about 2 years at this point and can't publish my own company's product as a signed application. Which makes it so clients with JAMF can't use our toolsets at all. This has been a nightmare. The latest in a long line of communications from Apple Developer Support asked if I had cleared my cache... Thanks.Menes

© 2022 - 2024 — McMap. All rights reserved.