提供的passTypeIdentifier或teamIdentifier可能与您的证书不匹配,或者无法验证证书信任链

时间:2012-10-11 20:50:19

标签: ios passbook

当我尝试通过按“添加”按钮安装手动打包的存折应用程序时,我在标题中收到错误。我可以成功安装使用'signpass'工具打包的存折应用程序,但我现在需要在unix服务器上创建动态包。

我一直在尝试使用网络上的各种软件包手动打包我的存折应用程序,每个软件包都给出了同样的错误。这是我尝试过的几个包: https://github.com/maater/TCSH-PKPass https://github.com/devartis/passbook https://github.com/pcperini/PyPKPass

这是创建并压缩的pass.json(请注意,teamIdentifier和passTypeIdentifier都已填充):

{
  "formatVersion" : 1,
  "passTypeIdentifier" : "pass.votizen.membership",
  "serialNumber" : "ASDF",
  "webServiceURL" : "https://www.votizen.com/passbook/",
  "authenticationToken" : "AUTH_TOKEN",
  "teamIdentifier" : "MY_TEAM_IDENTIFIER",
  "organizationName" : "Matthew Snider",
  "description" : "Your voter registration card",
  "logoText" : "VOTIZEN",
  "labelColor": "#B7B0A8",
  "foregroundColor" : "#5F6062",
  "backgroundColor" : "#FCFAF5",
  "generic" : {
    "headerFields": [
      {
        "key" : "reg_date",
        "label": "VOTER SINCE",
        "value" : "2002"
      }
    ],
    "primaryFields" : [
      {
        "key" : "party",
        "label": "REGISTERED PARTY",
        "value" : "Democrat"
      }
    ],
    "secondaryFields" : [
      {
        "key" : "election",
        "label" : "NEXT ELECTION",
        "value" : "November 6, 2012"
      },
    ],
    "auxiliaryFields" : [
      {
        "key" : "polling_place",
        "label" : "POLLING PLACE",
        "value" : "268 E Julian Street, San Jose, CA 95112",
        "textAlignment" : "PKTextAlignmentLeft"
      }
    ],
    "backFields" : [
      {
        "key" : "elections",
        "label" : "ELECTIONS YOU VOTED IN",
        "value" : "2010 General\n2008 General\n2008 Primary\n2004 General"
      },
      {
        "key" : "polling",
        "label" : "DIRECTIONS TO YOUR POLLING PLACES",
        "value" : "https://maps.apple.com/maps?q=268+E+Julian+Street,+San+Jose,+CA+95112"
      },
      {
        "key" : "website",
        "label" : "Powered by Votizen",
        "value" : "https://www.votizen.com/"
      }
    ]
  }
}

我按照apple上的步骤生成了Pass Type ID证书,下载并安装在我的Keychain Access中。然后我将其导出为“Certificates.p12”并运行以下命令以生成certificate.pem和key.pem:

set P12 = Certificates.p12
sef PASSWORD = MY_PASSWORD
openssl pkcs12 -passin pass:$PASSWORD -in "$P12" -clcerts -nokeys -out certificate.pem 
openssl pkcs12 -passin pass:$PASSWORD -in "$P12" -nocerts -out key.pem -passout pass:$PASSWORD

创建清单文件后,我运行:

openssl smime -passin pass:$PASSWORD -binary -sign -certfile wwdr.pem -signer certificate.pem -inkey key.pem -in manifest.json -out signature xs-outform DER

我通过将Apple Worldwide Developer Relations Certification Authority导出为隐私增强邮件文件来创建wwdr.pem。

我在某处读到你需要安装Apple Root Certificate Authority(我有),所以这里是我安装的证书列表:

  • Apple Application Integration证书颁发机构Apple Root CA
  • Apple Root Certificate Authority申请全球开发者关系
  • 证书颁发机构
  • com.apple.idms.appleid.prd.4f3756614a59746e554a36344e6b55426b64576441413d3d
  • com.apple.ubiquity.peer-uuid.207240B0-758A-4C1E-B173-D1B70FF03533
  • com.apple.ubiquity.peer-uuid.C5D1968F-8923-48E4-A09D-8C9AE485A88B
  • com.apple.ubiquity.ssl-cert.C5D1968F-8923-48E4-A09D-8C9AE485A88B
  • iPhone开发人员:Matthew Snider Pass Type ID:
  • pass.votizen.membership

显然,我使用的证书或我如何打包证书有问题。我不知道我做错了什么。我希望有人有个主意。

2 个答案:

答案 0 :(得分:15)

我明白了。我没有意识到在创建p12文件时需要同时选择证书和私钥。我假设导出证书也包括私钥,但它没有。在Keychain Access中导出Pass Type ID时,请确保它显示“Export 2 Items”,而不是“Export Pass Type ID:...”。

答案 1 :(得分:1)

我意识到这是一个古老的问题,但最近又出现在我身上。问题是“新的”Apple WWDR 证书与同样由 Apple 创建的 pass 证书不兼容。

解决方案是在签署通行证时使用“旧”WWDR 证书,该证书将于 2023 年到期。

相关问题
最新问题