Certificate Creation

Hi,


First off, please forgive me if this is the wrong place to ask this question.


I'm in the process of trying to submit our first application. To create the certificate signing request file, I use the Certificate Assistant as suggested by the web site. That works great! After uploading the CSR and applying it, the download certificate page is displayed. Information for my certificate type (distribution), name, expiration, etc. all look fine. Great!


My problem is that the text to the right states, "Make sure to save a backup copy of your private and public keys somewhere secure." Can someone please tell be where these keys are stored? Will they be necessary a year from now when the app's certificate expires?


Thanks,

Brian

Up vote post of Brian_BWS Down vote post of Brian_BWS
3.2k views
Posted by
Brian_BWS
Reply
Add a Comment

Accepted Reply


Brian:


The Public Key is -in- the actual Certificate, which can be downloaded from Dev Account/Member Center.


When you manually generate a Certificate, you first need to generate a Certificate Signing Request (CSR) via Keychain Access. When this is done, both Public and Private keys are generated. The private key is automatically saved to your keychain on your Mac; the public key is included in the CSR file sent to the Provisioning Authority. One of the items contained in the generated certificate sent back from the Provisioning Authority will be the public key.


If you're not already familiar with Keychain Access on your mac, my advice is to open/run it and browse around so you can at least witness what items your keychain is holding onto for you. Everyone has a keychain on their mac, BTW, not just devs.


My advice is to backup your mac. Doing so will include your keychain items and your dev projects...a very good practice if you haven't done so by now.


As for a year from now, new ones are generated each time you go thru the process to renew your Developer Program account, old ones expire.


In the interim, backups are recommended should you lose access to your mac for whatever reason and you need to rebuild your IDE, but the reality is that with the proper hoop jumping, meaning going thru the same process you did originally, you can recreate them again, however, being able to recover from backups will reduce the impact of convincing your IDE that new ones are accepted throughout.


Ken

Posted by
KMT
Up vote reply of KMT Down vote reply of KMT
Post marked as solved
Add a Comment

Replies

>Can someone please tell be where these keys are stored?


I do not know. That is why I continue to use this old laptop.


> Will they be necessary a year from now when the app's certificate expires?


No. And you will not need them for updates if you continue to use the same computer.

Posted by
PBK
Up vote reply of PBK Down vote reply of PBK
Add a Comment


Brian:


The Public Key is -in- the actual Certificate, which can be downloaded from Dev Account/Member Center.


When you manually generate a Certificate, you first need to generate a Certificate Signing Request (CSR) via Keychain Access. When this is done, both Public and Private keys are generated. The private key is automatically saved to your keychain on your Mac; the public key is included in the CSR file sent to the Provisioning Authority. One of the items contained in the generated certificate sent back from the Provisioning Authority will be the public key.


If you're not already familiar with Keychain Access on your mac, my advice is to open/run it and browse around so you can at least witness what items your keychain is holding onto for you. Everyone has a keychain on their mac, BTW, not just devs.


My advice is to backup your mac. Doing so will include your keychain items and your dev projects...a very good practice if you haven't done so by now.


As for a year from now, new ones are generated each time you go thru the process to renew your Developer Program account, old ones expire.


In the interim, backups are recommended should you lose access to your mac for whatever reason and you need to rebuild your IDE, but the reality is that with the proper hoop jumping, meaning going thru the same process you did originally, you can recreate them again, however, being able to recover from backups will reduce the impact of convincing your IDE that new ones are accepted throughout.


Ken

Posted by
KMT
Up vote reply of KMT Down vote reply of KMT
Post marked as solved
Add a Comment