Can't create IOS_DISTRIBUTION certificate using AppStore Connect API. Error 409/ENTITY_ERROR.ATTRIBUTE.INVALID/Invalid Certificate

I'm trying to create a certificate [using **AppStore Connect API**][1]. For that I created valid *(I used it to fetch certificates list using GET method, it works)* JWT token : `eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkZZREszQlVIOE0ifQ.eyJpc3MiOiIwNWNiN2M3Yy00Y2RkLTRlYjMtYWRiZC1kNzkwYWEyYTBhNjEiLCJleHAiOjE1ODc3OTg1MjMuMjI3ODIyLCJhdWQiOiJhcHBzdG9yZWNvbm5lY3QtdjEifQ.Vs1xpLL2xF_WtQNXg3m1XySG-mdSsR2fQalhDgFy5NkIhtRWtWfxkyxMOTe3la-zqWAKjZ7iiCGf8Fkm5_cl2Q`





Pretty printed JSON Http body is:



{

"data":{

"attributes":{

"certificateType":"IOS_DISTRIBUTION",

"csrContent":"'$(cat private.csr | base64)'"

},

"type":"certificates"

}

}



where `private.csr` file generated by **Keychain Access** and contains:



-----BEGIN CERTIFICATE REQUEST-----

MIIClDCCAXwCAQAwTzEnMCUGCSqGSIb3DQEJARYYaWdvci5rb3Rrb3ZldHNAZHVt

bXkuY29tMRcwFQYDVQQDDA5JZ29yIEtvdGtvdmV0czELMAkGA1UEBhMCQlkwggEi

MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnON+o9OZCRAF0oJqnjt7RBDJj

ZDJjj04iH/UvqEaJ/T8iq7iWZFQBpnLD11vcProtA+v4rNI/H5N4R+BPJclmvbPE

BGOSvyQHXf92blCzL9e9Lqk6GVTvdh+7YDlJV+dTqceP0evQleybWn7bp/lnRKtb

o5NWOfDKv5dgUXEFi5e0Hy9FMem5AlKGN7NObSypi7mBqscpRpg70ZLrODZxg8Ee

E/R8ZHWesuIvMBp+m4J6O2+gMRTOVb+jA+577StbkZM4lxDhYB1XEy3nmXkCJXqi

C/mgxmfNnCBK4s9OYJnEVu703aPYm9c9qI4eHdQzyEE0WqRits2CDckWGIBFAgMB

AAGgADANBgkqhkiG9w0BAQsFAAOCAQEAtLXvHejf2zPlMhJeWU6BBnsc2z2P6ZWS

92GZCMpTLX/apN8IjzxZWG+x5hW4ub6YL3SWTgz7l4OJzyIzV4t5xupcRwGessOt

XvBvDEshd9k7LkueNtoXO6buJEKa5sDEZ+31BxUKGgqRXBTxsVxvTJSQTF1quutN

j8AQzWBRRp1HkTRS89iBS1G7eY9NR1Abvp2Omr8RRdvqsOm5i1aJ7HvOc4SxlnyL

PZFGYQFKCX1wT6la8RYPbq96hAAwAKDvCf2pqT9iYwJOOPRHvpLuA8N9TlQGjEtJ

O+QUtQJ4PFTRTGhHxNEDXdGRH2JMSQD1ral4PiYy/YCfNZiyrtMDgg==

-----END CERTIFICATE REQUEST-----







Next I perform `curl` request:



curl -v -X POST -H 'Content-Type: application/json' -H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkZZREszQlVIOE0ifQ.eyJpc3MiOiIwNWNiN2M3Yy00Y2RkLTRlYjMtYWRiZC1kNzkwYWEyYTBhNjEiLCJleHAiOjE1ODc3OTg1MjMuMjI3ODIyLCJhdWQiOiJhcHBzdG9yZWNvbm5lY3QtdjEifQ.Vs1xpLL2xF_WtQNXg3m1XySG-mdSsR2fQalhDgFy5NkIhtRWtWfxkyxMOTe3la-zqWAKjZ7iiCGf8Fkm5_cl2Q' -d '{"data":{"attributes":{"certificateType":"IOS_DISTRIBUTION","csrContent":"'$(cat private.csr | base64)'"},"type":"certificates"}}' https://api.appstoreconnect.apple.com/v1/certificates



But server responds the error:



> < HTTP/1.1 100 Continue

> * We are completely uploaded and fine

> < HTTP/1.1 409 Conflict

> < Server: daiquiri/3.0.0

> < Date: Sat, 25 Apr 2020 07:20:08 GMT

> < Content-Type: */*

> < Content-Length: 254

> < Connection: keep-alive

> < Cache-Control: no-store, no-cache, must-revalidate

> < Pragma: no-cache

> < X-XSS-Protection: 1; mode=block

> < X-Frame-Options: ALLOW-FROM https://devcms.apple.com SAMEORIGIN

> < Strict-Transport-Security: max-age=31536000; includeSubDomains

> < X-Request-ID: QRCVNTSDFD6UA4O62U7ZZM67ZM

> < X-Rate-Limit: user-hour-lim:3600;user-hour-rem:3598;

> < x-daiquiri-instance: daiquiri:38493002:pv50p00it-hyhk10063901:7987:20E24

> <

> {

> "errors" : [ {

> "id" : "7470a152-5d89-4d85-8e6e-987754c519c3",

> "status" : "409",

> "code" : "ENTITY_ERROR.ATTRIBUTE.INVALID",

> "title" : "An attribute in the provided entity has invalid value",

> "detail" : "Invalid Certificate"

> } ]

> * Connection #0 to host api.appstoreconnect.apple.com left intact



I already have no idea what is wrong. I checked that there are no limits for iOS Distribution certificates in my account.





[1]: https://developer.apple.com/documentation/appstoreconnectapi/create_a_certificate

After a couple a days I found the issue. It was that I base64 encoded CSR file. Don't need to do it, this file is already contains BASE64 data in between

-----BEGIN CERTIFICATE REQUEST----- 
... BASE64 ENCODED DATA ...
-----END CERTIFICATE REQUEST-----

So the correct body is

{ "data":{ "attributes":{ "certificateType":"IOS_DISTRIBUTION", "csrContent":"'$(cat private.csr)'" }, "type":"certificates" } }
Can't create IOS_DISTRIBUTION certificate using AppStore Connect API. Error 409/ENTITY_ERROR.ATTRIBUTE.INVALID/Invalid Certificate
 
 
Q