iOS Build Environment Help Center

Keychain Tool Error

Pierre-Marie Baty

Putting a certificate in the Keychain folder doesn't make it usable. Certificates are unusable without their associated private key. In order for a certificate to be usable by the builder (and thus selectable), you must also put the private key which was used to create them.

Please read the documentation which explains what certificates are and their relationship to private keys. If you have a complete signing identity on your Mac, export it to a .p12 file and import it using the Keychain tool in the builder. If you create a new signing identity from scratch, start by creating a private key using the Keychain tool. The documentation explains how to do that. Is there some specific part of the documentation which needs more explanation ?

:: @Pierre-Marie Baty added on 24 Nov ’23 · 14:28

*edit* Additional information. The Migration assistant offers to migrate your existing signing identity, *at the condition that you give it your macOS session password* to access the Mac's secured keychain, in which your private keys are stored. If you declined to give it your session password, the Migration assistant won't be able to migrate your private keys. You'll only get useless certificates and provisioning profiles, because without their associated private key nobody can use them to sign anything.

Append

(Leave this as-is, it’s a trap!)

Only the original author or a moderator can append to this post.

Pro tip: Use markup to add links, quotes and more.

Moderators: Pierre-Marie Baty