Error: Failed to update credentials. The .p12 file failed validation against Apple CA chain

I am trying to setup cloud build for iOS, and I can’t for the life of me figure out what is wrong. I created a cert signing request from keychain access, uploaded to Apple Developer to create mobile provision, created certificate, downloaded, installed on keychain access, export .p12 file, and added .mobileprovision and .p12 files to Cloud Build Credentials in Unity to start build. And I get the error in the title.

Am I missing something? I am not finding much useful information while searching Google. I noticed that when adding the cert to keychain access, it immediately has a red “X” like it has an error. But I literally just generated and downloaded it. What am I doing wrong?

Thanks

I am seeing this error too when I try to update expired credentials. I think it might be a UCB issue.

Hey, yeah this is a UCB issue - we updated a piece of our infrastructure and it caused apple certificate validation to break unexpectedly when uploading new certificates. This should not have affected existing iOS credentials and we’re just about to release the fix right now.

EDIT: The fix has been deployed now, if you see this again please submit a support ticket so I can investigate further.

It is working for me now.

Not working for me. Could this be some other kind of reason why this is failing?

Not working for me, either. Could this be some other kind of reason why this is failing?

1 Like

Its also not working for me

1 Like

Also not working for me. Tried the steps mentioned by lifetree at the beginning of this post, and tried generating the new distribution cert in xcode. Both give this same error in Unity Cloud build.

Interesting that I managed fine with a new App store distribution cert last month.
This cert is a new Enterprise (in house or ad-hoc) distribution cert. Could it be that the issue is specific to Enterprise distribution certs?

Wonder if the issue could be related to this:
from Code Signing Resources | Apple Developer Forums

Worldwide Developer Relations Certification Intermediate Certificate update
New Enterprise iOS Distribution Certificates will be issued using a new version of the Apple Worldwide Developer Relations Certification Intermediate Certificate. Apple development certificates will continue to be issued by the version of the Apple Worldwide Developer Relations Certification Intermediate Certificate that expires on February 7, 2023, so you should keep both versions installed on your development systems and servers.

Xcode 11.4.1 or later is required to sign apps using certificates issued with the new intermediate certificate. If you are unable to upgrade to a compatible version of Xcode, you can continue to sign your apps using the command line. Download and install the new intermediate certificate to ensure that you can successfully sign apps with a newly created Enterprise iOS Distribution Certificate.

WWDR Certification Intermediate Certificate (Expires February 7, 2023)
WWDR Certification Intermediate Certificate (Expires February 20, 2030)

@victorw
The 2030 WWDR Cert is now used with all Enterprise Distribution Certs created after 2 September 2020. Is Unity cloud build checking for this cert as well now during validation against apple CA chain?

@Tomoyuki_Naito
@tcs_coe

Are you attempting with an Enterprise (in house) distribution cert or App store distribution cert? This will help identify if the problem is specific to Enterprise distribution certs

is there some news to this problem ? got this error with an enterprise in house distribution cert created today

got this error with an enterprise in house distribution cert created today too…

@victorw Could you please check the above post
I am having the same issues when we are trying to release with enterprise

Same error here when generating the certificates following
Generating iOS P12 / certs without Mac OSX Keychain (on linux, windows, etc) · GitHub (Linux)

2 Likes

Same as @louis030195 on Windows, I’m pretty sure I have used this method before without issues.

I’m getting this error too.

What i have done:

  1. requested a certificate from a certificate authority using keychain access.
  2. Created the certificate on developer.apple.com using this request file.
  3. Downloaded the certificate
  4. Installed it to the keychain by double clicking it.
  5. Exported a .p12 file.

Important: I do have both apple intermediate certificates installed (Apple Worldwide Developer Relations Certificate Authority valid till 2023 AND 2030)

Next to my created certificate is the message: This certificate is valid.

I submitted a support ticket right now. Please respond fast, cause my project is depending on unity cloud build.

Thank you!

@kolmichcreations – did you get a response to your ticket?

I made cert request with windows, downloaded the cert from developer.apple.com and exported the cert with private key as p12 format. I am trying to add them as credentials for ad-hoc but I am getting error.
Failed to update credentials! The .p12 file failed validation against Apple CA chain.

1 Like

For me it worked to set a password for the .p12 file. Without a password it would fail with the “failed validation against Apple CA chain.” error.