Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: codesign returns "no such identity" with Apple provided cert in Mac OS X 10.5


You didn't mention having the private key. Without the private key (that was generated in your keychain when you created the certificate signing request), the certificate is useless. A PKI identity consists of both the private key *and* the certificate. When moving your identity from one system to another, you MUST copy both the certificate and its private key. Typically that's done by selecting them and exporting to a PKCS12 (.p12) file, which can be imported on another machine.

Find a copy of the original keychain that you had on the PPC laptop when you created the CSR. It should contain the private key.

You can tell if the private key and certificate are together in your keychain by selecting the "My Certificates" category on the left side of the window in Keychain Access... this will show you all identities (that is, certificates for which the associated private key exists.)

Now, if you know that you have both the certificate and its private key (and they show up under "My Certificates"), but codesigning still fails to find the identity, then you may be running into an issue with CRL checking. In that case, try turning off CRL checking (in Keychain Access > Preferences > Certificates).

-ken

On Jul 6, 2008, at 6:19 AM, Bart W Jenkins wrote:

I joined the Apple iPhone developer program at the $99 level and got my access to the developer portal.  I followed all the directions for creating a certificate signing request, sending it Apple, downloading and installing it along with the WWDC certificate, creating an app id, setting the provision and downloading and installing the provision into Xcode, etc. and when trying to get ANY application to install on the iPhone I keep getting stopped at the same point--codesigning.

In desperation, I've tried to isolate the problem by creating a simple Mac os X 10.5 app (not for the iPhone) and codesigning it, outside of the iPhone.  Same problem.  I always get a "no such identity" error when trying to use the Apple provided cert.  I have tried all manner of string combinations:  "iPhone Developer: <First> <Last>", "iPhone", "Developer" etc.

So, for example, given a simple app called "app1.app", I try something like the following from Terminal:

$ codesign -s "iPhone Developer" app1.app

and I get the following error:

$ iPhone Developer: no such identity

I've tried using "sudo" and no difference.  I've cleaned out my keychain from any leftover apple provided certs.  I've backed up my keychains and started with an empty ~/Library/Keychains directory and created brand new login keychain and imported the certs into that and still the same problem.  I've also run the Keychain first aid to fix any issues and rebooting between attempts, etc.  I can't get the --verbose flag to tell me anything

If I create a self-signed cert, all works well and my app gets signed. 

The only other unique thing about my environment might be that I migrated from a PPC laptop (a power pc g4 powerbook) to a newer 2.5Ghz, core duo Intel based macbook pro and maybe something got messed up with that.  But I used the standard apple tools to do that.

I am completely stopped in developing for the Apple platform at this point.  I've spent three days trying to figure this out.  I've used PKI systems in the past and have never had this much trouble.

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/apple-cdsa/email@hidden

This email sent to email@hidden 
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/apple-cdsa/email@hidden

This email sent to email@hidden
References: 
 >codesign returns "no such identity" with Apple provided cert in Mac OS X 10.5 (From: Bart W Jenkins <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.