发表新帖
发表新帖

This certificate has an invalid issuer keychain

前端 未结
关注
3 2230
花落未央
花落未央 2020-12-31 21:33

I do have private key(my_ca.key) and public key(my_cert.crt) which is signed by DigiCert. Now I want to generate the SSL certificate (version 3) and sign it by my private ke

相关标签:
3条回答
  • 忘掉有多难
    2020-12-31 21:52

    I have got a simple solution for this problem.

    Select the certificate in keychain right click it. There you will see the option "GetInfo" click it and select "Trust" option. Select the option When using this certificate to "Always trust". That's all - this certificate will be marked as trusted for your account.

    0 讨论(0)
  • 说谎
    2020-12-31 22:06

    Normally all X.509 certificates in certificate chain except the last one are CA certificates. The first certificate in chain is called root CA (in your case DigiCert High Assurance EV Root CA), then other CA certificates in issuer chain (if any) are intermediate CAs and the last one is End Entity (not CA). I don't think you can issue new SSL certificate issued by non-CA certificate. So you can use my_cert.crt signed by DigiCert as SSL certificate but you cannot issue your own using my_ca.key.

    0 讨论(0)
  • 谎友^
    2020-12-31 22:08
    1. Download https://developer.apple.com/certificationauthority/AppleWWDRCA.cer and double-click to install to Keychain.
    2. Select "View" -> "Show Expired Certificates" in Keychain app.
    3. Confirm "Certificates" category is selected.
    4. Remove expired Apple Worldwide Developer Relations Certificate Authority certificates from "login" tab and "System" tab.

    Here's Apple's answer.

    Thanks for bringing this to the attention of the community and apologies for the issues you’ve been having. This issue stems from having a copy of the expired WWDR Intermediate certificate in both your System and Login keychains. To resolve the issue, you should first download and install the new WWDR intermediate certificate (by double-clicking on the file). Next, in the Keychain Access application, select the System keychain. Make sure to select “Show Expired Certificates” in the View menu and then delete the expired version of the Apple Worldwide Developer Relations Certificate Authority Intermediate certificate (expired on February 14, 2016). Your certificates should now appear as valid in Keychain Access and be available to Xcode for submissions to the App Store.

    You can also check on https://forums.developer.apple.com/thread/37208

    For more detail refer https://developer.apple.com/support/certificates/expiration/

    0 讨论(0)
 看不清?
提交回复
热议问题