iOS standalone - what to do about code signing failures?

Robert Sneidar slylabs13 at me.com
Mon Jan 14 14:50:46 EST 2013 

It may help everyone who is new to deploying to Macintosh with certificates to read up on how OS X deals with storing certificates. Basically, OS X puts everything having to do with security in the Keychain. This allows a user to increase his own security by keeping the keychain locked, so that only someone with his user name and password can have access to it, as well as keeping all the user names, passwords, and certificates under a single sign on. 

It's intended to make security easier to manage for the end user, but as is typical, what is easier for the end user is harder for the developer. 

Microsoft has a similar mechanism, as evidenced each time a user logs into anything, where the browser or authentication dialog may permit the user to "remember the password". 

Bob


On Jan 13, 2013, at 3:11 PM, Dave Kilroy wrote:

> 
> Roger
> 
> Thanks for the thanks :)
> 
> I well remember what it felt like to be lost in codesigning marshes - not a nice place to be at all - so I hope the account of how I stumbled upon my way out is of use to you
> 
> Actually, a couple of messages after your one Andre advised me to look in Keychain Access - and he was right! - So with any luck if my meanderings don't help then someone else from the list will know what to do.
> 
> Regarding sources of help - don't do what I did and rely on the Apple WorldWide Developer Center - I wasted months (literally) waiting for something from them - and would have been much better off continuing to stay actively searching for a solution rather than switching to passively waiting for Apple to tell me what to do.
> 
> Having said that, one of the least nice things about the codesigning marshes is the loneliness - if there was someone else to discuss things with it would have been GREAT, someone who could have helped me think through what was going on and either help me uncover the flaws in my own thinking or else help ascertain 'known facts' - so if you would like to email me off list and use me as a sounding-board that would be just fine.
> 
> Best of luck!
> 
> Dave
> 
> 
> Roger Guay <irog at mac.com wrote:
> 
>> Hi Dave,
>> 
>> 
>> I just wanted to tell you how appreciative I am for this feedback. I'm still experiencing this codesign failure problem, and I don't know where to turn for help other than this list. I'll try to use your information to solve my problem next week as I am entertaining guests for a few days, but I didn't want to wait that long to thank you.
>> 
>> Roger
>> 
>> 
>> On Jan 10, 2013, at 5:00 PM, Dave Kilroy2 <dave at businessplaninsight.com> wrote:
>> 
>>> Hi all
>>> 
>>> OK I can now sign code and build apps for iOS!
>>> 
>>> I'm not 100% sure how I did it, but there were two critical stages: the
>>> first was when I realised that the rogue extra development certificate MUST
>>> be hiding somewhere on my MacBook Pro (I had previously been convinced it
>>> was hiding somewhere in my account on the Provisioning Portal). 
>>> 
>>> Then, after several hours of fruitless looking today, when I was back in
>>> Keychain Access for the umpteenth time I removed the 'login' keychain from
>>> view (by accident I think) and had a look in the 'system' keychain - and in
>>> there was the naughty developer certificate waiting for me (without a public
>>> or private key). For some reason it didn't show up if I was looking in the
>>> 'system' keychain whilst the 'login' keychain was in the left-hand panel of
>>> Keychain Access, but once the 'login' keychain was gone the certificate
>>> showed up!
>>> 
>>> So I deleted the naughty certificate, switched back to XCode and removed all
>>> provisioning profiles, certificates etc, revoked provisioning profiles and
>>> certificates on the Provisioning Portal and rebooted. When I reopened XCode
>>> I was planning to hit the 'refresh' button and let XCode get all new
>>> profiles and certificates for me - but when I saw the blank login screen
>>> realised that I would need my 'login' keychain back again - so I went back
>>> to Keychain Access and imported the 'login' keychain once again, went back
>>> to XCode and hit the 'Refresh' button - after a few seconds it created new
>>> profiles and certificates for me with no sign of extra developer
>>> certificates!
>>> 
>>> I then tested my XCode 'Hello World' app and that built OK and installed on
>>> my iPad - I then opened LiveCode and built and installed a LiveCode app -
>>> and everything worked perfectly Woohoo!!!
>>> 
>>> So one of the main things I learnt today is that the keychains in Keychain
>>> Access are actually separate entities and 'a bit tricky' 
>>> 
>>> I'm pretty sure that I included a lot of unnecessary steps in my description
>>> above - and I look forward to hearing from others on better ways of handling
>>> keychains in Keychain Access and better ways of achieving what I did by
>>> accident :)
>>> 
>>> Kind regards
>>> 
>>> Dave
>>> 
>>> PS: the Apple Worldwide Developer Center staff I dealt with were all very
>>> nice and intelligent people - but they were of no help to me at all.
>>> 
>>> 
>>> 
>>> --
>>> V
> 
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode

More information about the use-livecode mailing list