All geek questions in one place

Failed to revoke Mac certificates

I had problems with fake code, and as a result of a rash decision, I decided to delete all my certificates and private keys and start all over again. I read and understood that this would mean a lot of work to get things going, but I did not think that this would create an irreversible situation:

  • I have 10 un-revokable developer ID certificates: 5 application certificates for developers and 5 ID installer certificates with different expiration dates (from 2017 to 2019).

  • If I click the + button to add a certificate, the radio button for the developer ID is not selectable (grayed out).

So, my problem is that I do not have a private key for these certificates, I cannot cancel them, and I cannot create new developer identity certificates. One more thing: I am the only member of the team.

I called Apple Developer Support and they were not sure how to fix it. They said they would have to come back to me.

Anyone have any suggestions?

thanks

Philip

+6
source share
2 answers

Well, if someone else missed this in the Application Distribution Guide here, what I found:

You cannot revoke developer certificates or Passbook certificates with the Center member. Instead, send a request to Apple at product-security@apple.com. to revoke these types of certificates. If Apple revokes your Developer Id Certificate, users can no longer install applications that have been signed with this certificate. Instead of revoking the Developer Identifier Identifier, you can create an additional developer identifier certificates using the Member Center, as described in the Request Additional Developer Identity Certificates section.

I did not understand that 5 developers' ID applications and 5 IDA installer certificates are the limit. I hope Apple cancels them for me.

+7
source

I received several more certificates (5). It took about two weeks, and various emails and Apple support, but I got them at the end.

It is very important when creating a new certificate using KeyChain to immediately back up the private and public keys created with your name when you perform the "Request a Certificate from a Certificate Authority" step in the KeyChain application. This will allow you (hopefully, anyway) to reuse your developer id certificates when changing a machine.

I deleted all the private and public keys in my name (again using the KeyChain application) before taking this step to reduce confusion, but this may not be necessary, and may even be impractical.

+3
source

Source: https://habr.com/ru/post/972994/

More articles:


All Articles