Certificate Errors

If you submit your request (order) to enroll to Apple and receive a Curl Error, this is usually due to the following for UAT (User Acceptance Testing).

CSR.jpg

  1. The server path to your Apple UAT certificate is incorrect or the permissions are not readable by Apache. Be sure to check the pathname and filename for spelling errors, typos, dashes and periods, capitalization.
  2. The server path to your Apple UAT private key is incorrect or the permissions are not readable by Apache. Be sure to check the for spelling errors, typos, dashes and periods, capitalization.
  3. The passphrase is incorrect.
  4. Your certificate name has been altered from the original file name provided by Apple.
  5. You have misplaced a dash or period when originally creating the CSR.

If you submit your request (order) to enroll to Apple and receive a Curl Error, this is usually due to the following for UAT (User Acceptance Testing).

  1. The server path to your Apple Production certificate is incorrect or the permissions are not readable by Apache. Be sure to check the pathname and filename for spelling errors, typos, dashes and periods, capitalization.
  2. The server path to your Apple Production private key is incorrect or the permissions are not readable by Apache. Be sure to check the for spelling errors, typos, dashes and periods, capitalization.
  3. The passphrase is incorrect.
  4. Your certificate name has been altered from the original file name provided by Apple.
  5. You are using the same private key that you used originally for UAT testing.
  6. You have misplaced a dash or period when originally creating the CSR.

One of the fields prompted is "Common Name (e.g. server FQDN or YOUR name)"
The FQDN is a very important field. Please be sure to provide the following value for this field:

For test environment CSR : GRX-<10DigitsoldTo>.ACC1914.Test.AppleCare
For production environment CSR : GRX-<10DigitsoldTo>.ACC1914.Prod.AppleCare

The leading zeros are important and the soldTo should always be 10 digits. For example, if your soldTo is 0000098765, the value should be

GRX-0000098765.ACC1914.Test.AppleCare for test and
GRX-0000098765.ACC1914.Prod.AppleCare for production.

Please note the following during CSR generation:

- No part of the CSR should contain any reference to Apple. When answering questions related to org name, unit, etc.

 

Was this article helpful?
0 out of 0 found this helpful