I am having the most difficult time trying to figure out the process for just getting my development .p12 figured out. Full disclosure, being a windows user does not make my life any easier. Seems fairly straightforward on a mac (which I do not have) So I thought I would come here and see if I could collect information on getting working certs and keys on windows pc.
Here's what I have so far: -OpenSSL
-openssl req -nodes -newkey rsa:2048 -keyout private_key.key -out cer_sign_request.csr
Generates a key and a sign request.
went to dev portal submit CSR --> recieved CER
-back to OpenSSL -openssl x509 -in ios_development.cer -inform DER -out ios_development.pem -outform PEM
CER-->PEM
-openssl pkcs12 -export -inkey keyname.key -in ios_development.pem -out ios_development.p12
-"No cert in -in file 'ios_development.pem' matches private key"
so here I am. Lost. Mind you I've tried the process in a few different ways and now I am on a mission to find my "private_key" somehow with no way to access keychain. I dunno feels convuluted. for good reason I am sure.
If anyone has a streamlined version of how to get this done I will be forever indebted to you. Your time is greatly appreciated.
for futher context I am just trying to get an eas build on my phone from expo. Thankyou!
So, I’m not able [1] to test this on Windows but it’s working for me on my Mac, using pretty much your instructions.
First I created a CSR using openssl:
% openssl req -nodes -newkey rsa:2048 -keyout private_key.key -out cer_sign_request.csr
…
Country Name (2 letter code) []:GB
State or Province Name (full name) []:Scotland
Locality Name (eg, city) []:
Organization Name (eg, company) []:Late Night Silly Software
Organizational Unit Name (eg, section) []:
Common Name (eg, fully qualified host name) []:Quinn
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
% ls -lh
total 16
-rw-r--r-- 1 quinn staff 976B 15 Jan 11:31 cer_sign_request.csr
-rw-r--r-- 1 quinn staff 1.7K 15 Jan 11:31 private_key.key
I then used the Certificates, Identifiers, and Profiles section of the Developer website to generate an Apple Development certificate from that, resulting in:
% ls -lh
total 24
-rw-r--r-- 1 quinn staff 976B 15 Jan 11:31 cer_sign_request.csr
-rw-r--r--@ 1 quinn staff 1.4K 15 Jan 11:32 development.cer
-rw-r--r-- 1 quinn staff 1.7K 15 Jan 11:31 private_key.key
I convert that from DER to PEM:
% openssl x509 -in development.cer -inform DER -out development.pem -outform PEM
And exported it and the private key to a PKCS#12:
% openssl pkcs12 -export -inkey private_key.key -in development.pem -out development.p12
Enter Export Password:
Verifying - Enter Export Password:
%
This is on macOS 15.2 using the built-in openssl tool:
% openssl version
LibreSSL 3.3.6
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] Well not willing (-: I do have a Windows VM set up but it’d take me a while to configure it to run this test.