0

I changed my Mac and when I opened my Xcode project after installing Production certificate and Provisioning Profile, it is showing:

Provisioning profile "MyProfile" doesn't include any certificate for which the matching private key is installed in the keychain.

One important thing is I cannot create production certificate or profile, without creating new production certificate and profile can we solve this?

rmaddy
  • 314,917
  • 42
  • 532
  • 579
Ashique
  • 91
  • 1
  • 4
  • 16
  • Do you still have the old Mac? You can export the private key from that machine. If not, there is no way to do it other than creating a new certificate and profile. It is how Apple protects someone from impersonating you and uploading an app that looks like it is signed by you. – wottle Jun 25 '18 at 15:47

2 Answers2

1

It's not going to hurt anything to generate a new certificates & profiles. The existing app will continue to run and be sold just fine in the store.

If you're the sole dev of the project, I'd just turn on automatic code signing in Xcode.

If you're not, you could potentially have another dev export the cert you're missing and not have to recreate them.

skwashua
  • 1,627
  • 17
  • 14
  • I cannot create production certificates and profiles because it is out of my authority. I can create only dev certificates and profiles. But what I don't understand is that, I downloaded the production certificate and production provisioning profile from account and installed, so It should work right? – Ashique Jun 23 '18 at 08:04
0

For code signing an iOS app, you need 3 things:

  1. iOS development or distribution certificate
  2. iOS development or distribution provisioning profile (that is set up for use with the cert above)
  3. private key (the private key goes in your key chain and was used to generate the certificate above).

Apple does not store the private key, not should they. That is something you need to keep and protect as it allows you to prove that you are the rightful developer who can sign an app as you. Do not share the private key.

If you lose the private key, the only way to sign an iOS application is to create a new new private key, generate a new certificate and provisioning profile, and use those to sign your app.

If you can still log into the old Mac, you should be able to go into the Keychain Access app and find the certificate (and associated private key) from your old account and import them on the new machine.

If you do not have an iOS role that allows you to create the certificate and provisioning profile, you will need to get the person who has that access to create those for you, and then send you the privite key. You can download the cert and profile from Apple's dev site after they have created them.

wottle
  • 13,095
  • 4
  • 27
  • 68
  • yeah.. Actually that was the issue.. But luckily I got a backup of old mac and got those profiles certificate and installed in new.. Thanks .. :) – Ashique Jun 27 '18 at 06:25
  • Note that the certificate you got from the old mac probably also came with the private key. – wottle Jun 27 '18 at 13:29
  • How does one generate a new private key? – Zack Shapiro Jul 13 '18 at 20:31
  • A private key will be created when you generate a new cert signing request as described here: https://stackoverflow.com/a/12126696/3708242 – wottle Jul 13 '18 at 21:17