Solved it! Had to change "User certificate" to "Code signing".

解决了！不得不将“用户证书”更改为“代码签名”。

I solved it. Ensure you are in the "Certificates" section and you select "Apple Worldwide Developer Relations Certification Authority" before requesting a certificate.

我解决了。确保您在“证书”部分并在申请证书之前选择“Apple Worldwide Developer Relations Certification Authority”。

Keychain Access will not let you Request a Certificate from a Certificate Authority With "identity"...unless you have both the private key andpublic key for identityin your keychain. I ran into this when I only had the private key and not the corresponding public key.

钥匙串访问不会让您从具有“身份”的证书颁发机构请求证书......除非您在钥匙串中同时拥有用于身份的私钥和公钥。当我只有私钥而不是相应的公钥时，我遇到了这个问题。

You can create the public key from the private key and import it into your keychain using the procedure described in I lost my public key. Can I recover it from a private key?

您可以使用我丢失了我的公钥中描述的过程从私钥创建公钥并将其导入到您的钥匙串中。我可以从私钥中恢复它吗？

Once I imported the public key I was able to use the Request a Certificate from a Certificate Authority With "identity"...command without triggering the The specified item could not be found in the keychainerror.

一旦我导入了公钥，我就可以使用“从具有“身份”的证书颁发机构请求证书...命令而不会触发在钥匙串中找不到指定的项目错误。

Go to the "Certificates" section and select "Apple Worldwide Developer Relations Certification Authority" beforerequesting a certificate.

在申请证书之前，转到“证书”部分并选择“ Apple Worldwide Developer Relations Certification Authority” 。

You are (perhaps accidentally) asking Keychain Access to generate a Certificate Signing Request using an existing key. If a key is selected when you go into the Keychain Access- Certificate Assistantmenu, the options presented will be for that selected key.

您（可能是意外）要求 Keychain Access使用现有密钥生成证书签名请求。如果在进入钥匙串访问-证书助手菜单时选择了一个密钥，则显示的选项将用于该选定的密钥。

Choose a non-key item in your keychain (like a saved password) and go to Keychain Access- Certificate Assistantagain to generate the CSR normally.

在您的钥匙串中选择一个非关键项目（如保存的密码）并再次进入钥匙串访问-证书助手以正常生成 CSR。

Even I was getting this issue. I solved this by selecting All Itemsinstead of the Keysin the Categoriespane and then trying to create the Certificate.

甚至我也遇到了这个问题。我通过在窗格中选择All Items而不是 ，然后尝试创建证书来解决此问题。KeysCategories

Try this, it will surely work.

试试这个，它肯定会奏效。

This was happening to me I noticed that the menu option for creating the certificate request had changed from

这发生在我身上我注意到创建证书请求的菜单选项已从

Request a Certificate from a Certificate Authority...

从证书颁发机构请求证书...

to

到

Request a Certificate from a Certificate Authority with "My Name"...

从带有“我的名字”的证书颁发机构请求证书...

I'm on a domain at work so I logged out, logged in and out as another user, then logged in again. After that the menu appeared as expected and this error went away

我在工作的域上，所以我注销，以另一个用户的身份登录和注销，然后再次登录。之后菜单按预期出现，这个错误消失了

My goal was to create a CSR (certificate signing request) using my existing private key to submit to Apple to generate a new iPhone Distribution certificate. I made sure Certificates was the selected Categoryon the left. I tried right clicking my private key and clicking on Request a Certificate From a Certificate Authority With Imported Private Keyand would get the following error when I try to save it.

我的目标是使用我现有的私钥创建一个 CSR（证书签名请求）以提交给 Apple 以生成新的 iPhone 分发证书。我确保证书是左侧的选定类别。我尝试右键单击我的私钥，然后单击使用导入的私钥从证书颁发机构请求证书，当我尝试保存它时会出现以下错误。

The specified item could not be found in the keychain.

在钥匙串中找不到指定的项目。

I also got the same error when I went through the file menu: Keychain Access> Certificate Assistant

当我浏览文件菜单时，我也遇到了同样的错误：钥匙串访问>证书助手

What I've gathered from other internet sources is that Keychain Access DOES NOT allow you to create a new CSR if you imported the private key, only if you created the key locally from the tool.

我从其他互联网来源收集到的是，如果您导入了私钥，Keychain Access 不允许您创建新的 CSR，只有当您从该工具本地创建密钥时。

What I ended up doing instead was exporting the private key and using openssl to generate the new CSR, which Apple accepted, and now references the new Imported Private Key.

我最终做的是导出私钥并使用 openssl 生成 Apple 接受的新 CSR，现在引用了新的导入私钥。

Exporting the private key

导出私钥

1. Right click on private key
2. Export
3. Make sure p12 file format is selected
4. Save
5. Enter a password (optional)
6. Allow access to export key
7. Open Terminal and go to exported directory
8. Extract key from p12 container

1. 右键单击私钥
2. 出口
3. 确保选择了 p12 文件格式
4. 节省
5. 输入密码（可选）
6. 允许访问导出密钥
7. 打开终端并转到导出的目录
8. 从 p12 容器中提取密钥

Be careful as the .pem private key is no longer password protected)

请小心，因为 .pem 私钥不再受密码保护）

$ openssl pkcs12 -in Certificates.p12 -out Certificates.pem -nodes
Enter Import Password: ********************
MAC verified OK

Creating new CSR with exported private key

使用导出的私钥创建新的 CSR

$ openssl req -out Certificates.csr -key Certificates.pem -new
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:.
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (e.g. server FQDN or YOUR name) []:John Doe Dev Key
Email Address []:[email protected]

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

A couple things to note:

需要注意的几点：

• Enter . when you want the field to be blank, or the default will include whatever's in the brackets [].
• Common Name (CN) should be your private key name (e.g., John Doe Dev Key)
• Email Address should be your email address (e.g. [email protected])
• Everything else should be blank

• 进入 。当您希望该字段为空时，或者默认将包括括号 [] 中的任何内容。
• 通用名称 (CN) 应该是您的私钥名称（例如，John Doe Dev Key）
• 电子邮件地址应该是您的电子邮件地址（例如 [email protected]）
• 其他一切都应该是空白的

Verify your CSR

验证您的 CSR

$ openssl req -noout -text -in Certificates.csr
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: CN=John Doe Dev Key/[email protected]
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    …
                Exponent: 65537 (0x10001)
        Attributes:
            a0:00
    Signature Algorithm: sha1WithRSAEncryption
        …

What you should care about is on the Subjectline and verify that's correct.

你应该关心的是在主题行上并验证它是正确的。

Now all you need to do is submit it to Apple, wait for the certificate to be generated, and then install it. After you import your newly generated certificate, you will see that it'll reference the old certificate that you exported above.

现在您需要做的就是将其提交给Apple，等待生成证书，然后安装它。导入新生成的证书后，您将看到它将引用您在上面导出的旧证书。

i have same problem. i can create CSR then not create it and same error are getting.

我有同样的问题。我可以创建 CSR 然后不创建它并且出现同样的错误。

then i can search and found may solution but not solve.

然后我可以搜索并找到可能的解决方案但没有解决。

some time i can solve it.

有时间我可以解决它。

my keychain access through frist time crate CSR.so my keychain access is lock.

我的钥匙串访问是通过第一次箱子 CSR 访问的。所以我的钥匙串访问是锁定的。

open > keychain access > top of keychain access display " Click to unlock the system keychain "

打开>钥匙串访问>钥匙串访问顶部显示“点击解锁系统钥匙串”

Click that and unlock system keychain then create CSR file then Not Getting this error.

单击它并解锁系统钥匙串，然后创建 CSR 文件，然后未收到此错误。

Choosing the private key in keychain will occur the problem. "the specified item could not be found in the keychain" While you choose the public key solve it. "Your certificate request has been created on disk."

选择钥匙串中的私钥会出现问题。“在钥匙串中找不到指定的项目”当您选择公钥时解决它。“您的证书请求已在磁盘上创建。”

After revoking every certificate I had, I figured out the problem was with my yubikey. It was getting in the way of signing the app. After I removed it, problem solved.

在撤销我拥有的每个证书后，我发现问题出在我的yubikey 上。它妨碍了对应用程序的签名。我删除后，问题解决了。

This forum thread helped me out: https://forums.developer.apple.com/thread/106938

这个论坛帖子帮助了我：https: //forums.developer.apple.com/thread/106938