iOS Question [RESOLVED] Can B4i.keystore be created in any way other than from Private Sign Key in B4i?

[Andris]

I had a working, published B4i app whose ownership I transferred to a client a while back. Since both the client (the new owner) and I have individual Apple Developer memberships (not Enterprise), any new Certificates/Profiles can only be created by the app account holder, which is my client. I've now updated the app and want to publish it to the store, but the Certificate and Profiles have expired. I had the client create new ones using my original certSigningRequest.csr (created at B4i>Tools>Private Sign Key).

Unfortunately, my builds fail even though the Certificates/Profiles are OK. This is the fail message:

Missing private key for signing certificate. Failed to locate the private key matching certificate "iPhone Distribution: xxxxxx xxxxxx (WTxxxxxxxx)" in the keychain. To sign with this signing certificate, install its private key in your keychain. If you don't have the private key, select a different signing certificate for CODE_SIGN_IDENTITY in the build settings editor. (in target 'B4iProject' from project 'B4iProject')

Is this happening because I still have the original B4i.keystore file in the KEYS folder, even though I've updated the certificate/profile pairs? If so, the simple solution would be for my client to create a totally new Private Sign Key and B4i.keystore on their end, and use the new certSigningRequest.csr to create new certificates/profiles. However, my client is not a coder and does NOT have B4i installed. Is there any way for my client to provide me with B4i.keystore without purchasing and installing B4i?

 

[f0raster0]

I had a working, published B4i app whose ownership I transferred to a client a while back. Since both the client (the new owner) and I have individual Apple Developer memberships (not Enterprise), any new Certificates/Profiles can only be created by the app account holder, which is my client. I've now updated the app and want to publish it to the store, but the Certificate and Profiles have expired. I had the client create new ones using my original certSigningRequest.csr (created at B4i>Tools>Private Sign Key).

Unfortunately, my builds fail even though the Certificates/Profiles are OK. This is the fail message:


Is this happening because I still have the original B4i.keystore file in the KEYS folder, even though I've updated the certificate/profile pairs? If so, the simple solution would be for my client to create a totally new Private Sign Key and B4i.keystore on their end, and use the new certSigningRequest.csr to create new certificates/profiles. However, my client is not a coder and does NOT have B4i installed. Is there any way for my client to provide me with B4i.keystore without purchasing and installing B4i?

Simple way: Ask your client for the login credentials of apple..you create key/cert/etc..

 

[Andris]

Simple way: Ask your client for the login credentials of apple..you create key/cert/etc..

I suppose that would be easiest. But does B4i create a unique b4.ikeystore based on the user's Apple credentials? I use B4i on a PC and when I create a Private Sign Key, it asks nothing about my Apple login credentials.

 

[Erel]

The CSR file is tied to the private key.

Your client can create a certificate and provision profile but they must use the same CSR that you are using.

 

[Andris]

The CSR file is tied to the private key.

Your client can create a certificate and provision profile but they must use the same CSR that you are using.

Thanks. My issue was finally resolved by creating a completely new CSR first, from the new version of the app in B4i. Once the client used that to create the new CER and MOBILEPROVISION files for me, all was well. For some reason, the old CSR had no longer been valid.