Apple Developer and AppStore Cert Not genrated in codename one - codenameone

Our app working fine for past 2 months on generation of .ipa and device specific builds. Last 2 days we are getting Developer Cert Not generated and Apple Cert Not generated. Could please help on this
I have created provisional certificates and downloads with specific devices I am getting files with .mobileprovision which are not accepted in IOS tabs.
Please look into and send me some resolutions for this
Please find Error log information at end of the file
https://s3.amazonaws.com/codenameone-build-response/64deba95-aa3f-4471-a805-35e57ef46cdb-1471866430515-error.txt

FYI I suggest moving to the new certificate wizard that's within the Codename One Settings tool.
There seems to be an issue which may be temporary so it might work if you retry. If this is still happening let us know and we will seek a permanent fix for it.
As a workaround if the issue is still there you can login to your Apple developer account and revoke your certificates then re-run the certificate wizard. It should work as the process failure is during the revoke stage.
Notice that revoking certificates should have no affect on apps in production.

Related

iOS debug error, debug certificate generation

I am trying to build my ios app in debug to test it i couldn't find a debug certificate so i used a development cert.
I got this in the build
The provided provisioning profile and certificate do not match. Please ensure that the provisioning profile you provide was generated using the certificate that you provide.
To skip validation, you may add the ios.validateProvisioningProfile=false build hint
Here is my actual configuration of certificates
I couldn't find any documentation about it.
Thanks in advance
I'm assuming you made these manually and didn't use the certificate wizard to make them. The P12 certificate information is also embedded into the provisioning profile so if you use a provisioning profile that was generated with a different certificate it just won't work.
You can enable that build hint in the build hints section if you want compilation to continue but it will probably just take longer to fail and will give a more obtuse answer.
A solution would be to use the certificate wizard and redo your certificates.
If you did this manually then redo everything. There are many nuances to making a P12 file and it's possible one of those was missed.

How to publish a codename one app on Apple Store without using the "codename one iOS certificate Wizard?

I created my Apple ID and activated the two-factor authentication as apple documentation said I should do.
When I try to execute the "Codename-One-iOS certificates-wizard", I always got an error related to the two-factor authentication.
After some research, I read on Codename One documentation that the wizard doesn't work with the two-factor authentication.
Then, I tried to turn off the two-factor authentication, But I couldn't do that. The Apple company doesn't allow to revert this configuration. I tried several approaches ( via iCloud and Xcode applications, via web sites Apple ID, And Apple Developer Program, .... No one of them offered options to do that.
Then, I think my only option is to do things using the traditional approach. without the help of the Wizard.
How can I do that?
I didn't find any help about how to publish a Codename One application on Apple Store using the normal path.
You should check that Codename One Settings is up to date and make sure that only one device is associated with your account. The certificate wizard should work with two factor authentication but has an issue with more than one device.
You can follow the instructions on the developer guide to generate a certificate manually: https://www.codenameone.com/manual/signing.html

iOS Build fails due to certifications, but they were created in the wizard

I have been using codenameone to develop an app which I have tested on android, and wish to do so on iOS. I have a paid Apple Developer account, and am able to go through the signing wizard correctly and the "iOS Signing" page is filled out with all of the information.
However, when I come to build an iOS development build, during the ant process the console logs
A certificate from Apple with the appropriate password is required for building an iOS native app!
This is odd, as the information that was filled in was created from the wizard with no errors. On th Apple Developer account page I can see all of the certificates and devices etc...
For some reason, (even when I clicked "browse") when I selected the certificate files it would change the path to my JDK installation
/Library......bin/<selected file>
This is odd, but I ended up fixing it by manually creating the certificates (being unaware of the certificate password.) Trying now, it [the certificate creator] works fine (as long as I change the path once it has finished). It wouldn't allow any full path (IE /Users/....), and would only allow relative paths to the project folder. So when I set the location to the "iosCerts" folder, it worked fine.
iosCerts/<selected file>
This possibly may be an IntelliJ / Mac bug?

what is the purpose of self certificate?

i have developed a winform application in VS 2010 using c#.
Created setup and now faced "publisher unknown" situation when starting the application.
Then came to know that need to sign the application with digital certificate. But i am so confused with creating the certificate. I saw that we can create self certificates using makecert,cert2spec tools.
While creating the certificate i got a link by googling that saying "If you use a test (self-created) certificate, the installation dialogs will display an "Unknown publisher" message".
http://msdn.microsoft.com/en-us/library/ff699202.aspx
So actually what is the purpose of self certificate creation.
Pls help me to understand ths. I am new to this topic and correct me if have done anything wrong.
Thank You.
There's quite a good explanation on this page:
You can create your own signing certificate with Visual Studio (check
out the Signing tab, and that button that says “Create Test
Certificate”) or using a program called MakeCert. When you do this,
the trust dialog says the publisher is unknown. If you purchase a
certificate, the trust dialog will list your company as the publisher.
The certificate vendor basically guarantees that you are who you say
you are.
My company (GoldMail) uses ClickOnce to deploy our application from a
content delivery network to our customers, The Public. We did not want
our deployment to say “Unknown Publisher”; we wanted it to say
“Published by: GoldMail”. This gives our customers a warm cozy feeling
when installing our application from the internet, and provides
reassurance that it is coming from our company and not from some guy
living in the frozen tundra hacking deployments for fun.
If your application is going to be deployed internally, you might
choose to forego the cost of a purchased certificate, because people
would know where the application was coming from even if it didn’t
specify that on the installation dialogs. You can also choose to
install the test certificate on each user’s machine, and the trust
dialog will then show the name on the certificate as if it were one
purchased from a vendor.
You also might want to use a test certificate if you are deploying
your application for specific customers who know you and know the
application is coming from you, like if you are writing shareware, or
creating an application for your friends and family to use to keep
track of what you want for your birthday and Christmas.
Well, a Self Signed Certificate is the root certificate by which you can create child certificates, and those child certificates are authenticated against the self sign certificate, being self signed means that it holds its private key by which it was created.
For instance, when you want to use a certificate on a web site and also you want to have it verified by an authentication issuer, you ask an issuer like verisign in order to get a certificate. So when a user enters your site by https it will recognise that you own a certificate, and the way to verify that the certificate corresponds to your organization is by checking it against verisign certificate.
You can create self-signed certificates to emulate the production environment, what you will be doing is faking verisigns responsibility.

Do I need to install a certificate on a SilverLight client machine if the certificate is from a CA

If a certificate is from a CA (e.g. GoDaddy, Verisign), does the certificate need to be installed on a client machine?
I have a SilverLight application that needs elevated privileges and will be installed on numerous client sites. I'm also trying to minimize the installation at each of the sites (100s of deployments per site with the application hosted locally at each site).
I believe the registry changes can be deployed via a group policy update.
If the certificate still needs to be deployed, is there a value of having a certificate from a CA over a self-signed application when the primary goal is minimizing local site administration?
Yes, if a certificate is from a CA, the certificate does need to be installed on the client machine. That said however, Microsoft does already install many root certificates as well as keeps this list up to date with Root Certificate updates. See the Root Certificate Membership List
GoDaddy and Verisign are currently apart of this list, so doing an extra step should be unnecessary on a computer which is up-to-date. This is not always the case, so it still might be required on some machines.
All that said, to run Silverlight in elevated privilege mode, the user must simply click that they 'trust' the application at install time. See MSDN Trusted Applications
Taking the time of getting a signature from a CA only buys your user's a bit of extra peace of mind when the click the button as
They will see this:
Instead of:
If the goal is minimizing local site administration, then I don't see that going through the trouble of getting a certificate to sign your application would meet that goal, its only there to help provide some security for your users, which doesn't sound like it would be an issue.

Resources