Search in
Sort by:

Question Status:

Search help

  • Simple searches use one or more words. Separate the words with spaces (cat dog) to search cat,dog or both. Separate the words with plus signs (cat +dog) to search for items that may contain cat but must contain dog.
  • You can further refine your search on the search results page, where you can search by keywords, author, topic. These can be combined with each other. Examples
    • cat dog --matches anything with cat,dog or both
    • cat +dog --searches for cat +dog where dog is a mandatory term
    • cat -dog -- searches for cat excluding any result containing dog
    • [cats] —will restrict your search to results with topic named "cats"
    • [cats] [dogs] —will restrict your search to results with both topics, "cats", and "dogs"

iOS build fails - finds certificate then fails saying it cannot find a certificate

When I am building the iOS version of UE4, everything seems to work fine except for the following:

After linking, when it attempts to obtain a signing certificate, the build first apparently finds a valid certificate:

 Looking for a certificate that matches the application identifier '3Z5EKBZ573.com.agoglabs.*'
   .. Provision entry SN '5297C931896B2F5C' matched 1 installed certificate(s)
   .. .. Installed certificate 'iPhone Developer: Conan Reis (Q6U29F8M7W)' is valid (choosing it) (range '7/28/2015 1:05:21 PM' to '7/27/2016 1:05:21 PM')

This is indeed a valid certificate that is present in my keychain on my Mac.

Then a few lines down in the build log it says:

 Build settings from command line:
     CODE_SIGN_IDENTITY = iPhone Developer
     CODE_SIGN_RESOURCE_RULES_PATH = /Users/zorro/UE4/Builds/Q/D/UnrealEngine/master/Engine/Binaries/IOS/CustomResourceRules.plist
     SDKROOT = iphoneos8.4
 Check dependencies
 Code Sign error: No code signing identities found: No valid signing identities (i.e. certificate and private key pair) matching the team ID “(null)” were found.
 CodeSign error: code signing is required for product type 'Application' in SDK 'iOS 8.4'

The file CustomResourceRules.plist has the following content:

 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">

Any idea what might be wrong here?

I am on master branch btw.

Thanks for any pointers!

Product Version: UE 4.9 Preview
more ▼

asked Jul 30 '15 at 05:47 PM in Bug Reports

avatar image

120 10 12 20

avatar image Ravlek STAFF Jul 30 '15 at 06:41 PM

Usually when you get that message Xcode can't find a valid signing identity which matches the provision it found. If you have a valid certificate, you might want to check to make sure the provision for the game was created using that certificate. Especially since it looks like you recently updated the signing certificate.


avatar image GreatGuru Jul 31 '15 at 03:28 PM

Thanks for the quick reply, Pete. I generated both the provisioning profile and the certificate recently. The provisioning profile uses that very certificate. UE4Editor accepts the provisioning profile and the certificate as valid in its iOS settings, and displays the same name and ID code. Then as you can see in my post above, the provisioning profile is properly matched to the certificate at some point during the build. I spent almost the whole day yesterday trying all sorts of things, e.g. regenerating the profile, deleting and re-installing the certificate to my keychain, copying an extra UE4Game.mobileprovision into my Intermediate/Build/IOS folder, reimporting profile and certificate to the Project Settings dialog, deleting and reinstalling profiles from the AppData folder, changing file permissions on my PC host and on my Mac, cleaning and rebuilding from scratch etc. etc. and have not gotten it to work. Very frustrating. Is there a way to get a more detailed error report and why it is failing to find the certificate? What program is failing to find the certificate? Where is it looking for it? Is there a log file maybe with more info?

(comments are locked)
10|2000 characters needed characters left
Viewable by all users

1 answer: sort voted first

EDIT: See comments below first for the actual fix!

Ok after three extremely frustrating days of my life wasted in code signing hell and learning more about provisioning profiles, certificates, private keys, keychains, the UnrealBuildTool and the iPhonePackager than I ever wanted to, here is what finally fixed the issues for me:

  1. On my system, codesign would not work unless the keychain was unlocked in the same SSH session. To fix that, in CompileTime.cs, line 72 in function GetBaseXcodeCommandline I prepended "security -v unlock-keychain -p \"\" $HOME/Library/Keychains/UE4TempKeychain.keychain && " + to the command line, so UE4TempKeychain.keychain would be unlocked just before xcodebuild runs.

  2. On my system, the certificate extracted from the provision profile in CompileTime.cs, function CopyFilesNeededForMakeApp would not work since it does not have a private key in it. So I commented out line 290 in that file which writes out the certificate //File.WriteAllBytes(Path.Combine(Config.PCXcodeStagingDir, MacSigningIdentityFilename), Data);.

  3. Instead I exported the private key from my keychain as a .p12 file named Q_UE4Temp.p12 and manually dropped it into Engine\Intermediate\IOS-Deploy\UE4Game\XcodeSupportFiles on my host PC.

  4. Then in CompileTime.cs, in function RunRPCUtilty, in case "createkeychain", I changed the string DisplayCommandLine to end with priv instead of cert

For these changes to take effect, iPhonePackager needs to be rebuilt in the UE4.sln in Visual Studio.

I tried backing out each of these changes but code signing won't succeed for me unless all are present.

@psauer hope these findings will help you coming up with a permanent fix that will work on my system. FYI I am using Windows 7 Pro and OSX 10.10.4.

more ▼

answered Aug 03 '15 at 04:13 PM

avatar image

120 10 12 20

avatar image Ravlek STAFF Aug 03 '15 at 05:15 PM

Did you add your signing certificate to the System keychain? We can't access the login keychain without asking for a password, but if the private key used to create the certificate exists in the System keychain then it will automatically get used when accessing the temp keychain. The easiest way to ensure the private key is in the System keychain is to install your certificate to that keychain.


avatar image Ravlek STAFF Aug 03 '15 at 05:17 PM

Also, make sure the key/certificate is marked always allow (Get Properties, access). This ensures you aren't asked for a password when something like codesign wants to use it (which is probably what is causing #1 in your list).


avatar image GreatGuru Aug 03 '15 at 05:49 PM

Thanks that did it! I backed out my hacks and it now works without them. Wow. Tricky stuff.

(comments are locked)
10|2000 characters needed characters left
Viewable by all users
Your answer
toggle preview:

Up to 5 attachments (including images) can be used with a maximum of 5.2 MB each and 5.2 MB total.

Follow this question

Once you sign in you will be able to subscribe for any updates here

Answers to this question