Simon Woodside Simon Woodside - 2 months ago 12
iOS Question

How can I use an existing private key to a new iOS development certificate?

For aesthetic reasons, I would like to use the same private key that I used to create my distribution certificate a while ago, to create a new development certificate (my old one expired). But the "How to create a development certificate:" on the iOS provisioning portal require that you use Keychain Access create a new key. When I try to do Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority With "(my key name)" the Certificate Assistant doesn't actually create a CSR file.

Does anyone know if this can be done, and if so, how?


First, I had to export my private key from the keychain as a p12 file. I tried scripting this, but was unsuccessful.

  1. Open keychain and select your private key
  2. Right-click and select "Export "
  3. Use a p12 file type.

Run the following openssl command to convert your password-protected p12 file to a pem. openssl will prompt for a password.

openssl pkcs12 -in your-newly-exported-p12-file.p12 -out your-newly-exported-p12-file-as-a-pem.pem -nodes

Run the following command on your pem file to generate the csr.

openssl req -new -key your-newly-exported-p12-file-as-a-pem.pem -out your-csr-to-submit-to-apple.csr