Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revoking certificates on macOS fails #15

Open
tsugua opened this issue Jan 3, 2017 · 4 comments
Open

Revoking certificates on macOS fails #15

tsugua opened this issue Jan 3, 2017 · 4 comments

Comments

@tsugua
Copy link

tsugua commented Jan 3, 2017

When trying to add developer ID to a Mac app. I have the developer certificates in my Keychain but RM doesn't seem to be finding them. The error says the certificate can only be revoked by developer support.

 Error None of the available certificates (1) is installed on the local machine. Revoking...
rake aborted!
Spaceship::Client::UnexpectedResponse: {"responseId"=>"f040e3d3-2cb2-4a54-9e1d-c28bb6c16c69", "resultCode"=>7475, "resultString"=>"This certificate can only be revoked by Apple Developer Program Support.
https://developer.apple.com/support", "userString"=>"This certificate can only be revoked by Apple Developer Program Support.
https://developer.apple.com/support", "creationTimestamp"=>"2017-01-03T22:44:48Z", "protocolVersion"=>"QH65B2", "userLocale"=>"en_US", "requestUrl"=>"https://developer.apple.com/services-account/QH65B2/account/mac/certificate/revokeCertificate.action", "httpCode"=>200}
@MarkVillacampa
Copy link
Contributor

I assume your certificate is of type :developer_id. Those certificates can indeed only be revoked by Apple, cannot be manually revoked.

Maybe we should add special handling for that type, and don't revoke the old certificate. Instead remind the user to install the certificate and private key from the other computer, or offer to create a new one.

You say the certificate is in the keychain, but is the private key in the keychain too?

@tsugua
Copy link
Author

tsugua commented Jan 4, 2017

Yes it is a :developer_id certificate. The private key also seems to be in the keychain. I think the error message might be useful. Just direct the user to the Apple Portal.

Image of certificate in keychain:
https://db.tt/i42tQuai28

@MarkVillacampa
Copy link
Contributor

Interesting. Can you try manually downloading the certificate from the Provisioning Portal, installing it in the keychain, and making sure it's not a different certificate?

If everything seems fine I will prepare a script for you to run on your machine to better diagnose what's going on.

@tsugua
Copy link
Author

tsugua commented Jan 5, 2017

It definitely is the same certificate. I deleted and re-installed it and it has the same info.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MarkVillacampa @tsugua