Xcode could not find a valid private certificate/valid key-pair for this profile in your keychain
Possible Duplicate:
Xcode - iPhone - profile doesn’t match any valid certificate-/private-key pair in the default keychain
I'm having a problem installing a provisioning profile created by another developer.
- Development Certificate already exists
- App I'm working on has a Provisioning Profile associated with the certificate
- My device UUID has been added
- AppID for the app already exists
- Development Provisioning Profile exists, with my UUID
When I download the Certificate and Provisioning Profile I get the error in Organizer:
Xcode could not find a valid private certificate/valid key-pair for this profile in your keychain
How can I resolve?
Answer
You also need the private key that was used when requesting the certificate.
The private key is what is used for signing every device binary you compile using that developer identity. The certificate you download and import is basically just a stamp on your private key saying "code that is signed using this key is allowed to run on a device".
Have the other developer export the keys used when generating the original certificate signing request and then import them on your machine.
Look in Keychain to see if the key is correctly paired with the certificate once you have both:
When everything is correctly in place you should see a little disclosure triangle on your certificate which lets you see the key (and vice versa on the key page where you should see the certificate under the key). Otherwise the relationship is not correct, not recognized by Keychain during import (I have seen this in some cases when importing a renewed certificate while the expired one was still in the keychain).
I was recently trying to move the public/private key pair for an iOS developer certificate to another machine. The public file was exported using Keychain Access to .pem and the private file to a password protected .p12.
On the other machine Keychain Access would not import them. The solution was the good old command line:
security import ios_priv.p12 -k ~/Library/Keychains/login.keychain
security import ios_pub.pem -k ~/Library/Keychains/login.keychain
So try this if you have problems transferring the keys for your certificate.
EDIT to reply to @baudot's comment below. (It wouldn't fit in a comment)
Make sure you also have the Apple Developer Relations Root CA certificate in your keychain. That is what is used to verify the certificate.
You could also opt for a fresh start. Just delete the keys and certificates from your keychain, revoke them on the ADC portal and delete their associated provisioning profiles.
Once you have removed everything you can generate a new key pair and associated certificate signing request. Then make sure to export the keys and stash them in a good place for the future.
Then you go to the ADC portal, upload your new cert signing request, generate new provisioning profiles and you are good to go.
The only irreplaceable thing is your ADC account. All the rest can be restored or recreated.
I would also recommend that you use the fancy new automatic provisioning built into Xcode. That saves you the headache of downloading and importing the provisioning profiles. It simply syncs your existing ones with ADC.