Solving the “Distribution Certificate with Fingerprint Hasn’t Been Imported Successfully” Error in Expo iOS Local Builds
Fix the “Distribution certificate hasn’t been imported” error in Expo iOS builds with this step-by-step guide on certificates and Keychain setup.
🚨 The Problem
While building an iOS app locally using Expo EAS CLI, you may run into this frustrating error:
error Distribution certificate with fingerprint xxxxxxxxxxx hasn’t been imported successfully
This usually happens because your machine lacks a valid Apple Worldwide Developer Relations Intermediate Certificate or the certificate is outdated. This certificate is required to validate the trust chain between your signing credentials and Apple.
🔍 Why This Error Happens
Apple uses intermediate certificates to verify that your distribution certificate is trusted and was issued by Apple. If this intermediate certificate is missing or expired, macOS or eas-cli won’t be able to verify your distribution certificate—and the build process fails.
✅ Primary Fix — Install the Intermediate Certificate
- Download the Latest Intermediate Certificate
Go to Apple’s official certificate page and download the latest version of Apple Worldwide Developer Relations Certification Authority, such asAppleWWDRCAG3.cer. - Import It to Keychain
Double-click the downloaded.cerfile to open it in Keychain Access. It should be added to the "System" or "Login" keychain. - Verify It’s Trusted
In Keychain, make sure the certificate appears as “trusted” and not expired.
Rebuild Your App
Once imported, retry your build:
eas build --platform ios --local
The error should be resolved if the trust chain is now complete.
🧪 What If the Intermediate Certificate Doesn’t Fix It?
If installing the intermediate certificate doesn’t solve your issue, try the following additional steps:
🔄 Additional Troubleshooting Steps
- Manually Import the Distribution Certificate into Keychain
Download your.p12distribution certificate from the Expo dashboard and import it into Keychain Access. When prompted, enter the password you used to export it. If the certificate shows as "untrusted," it's likely because the intermediate certificate is still missing or incorrect. - Reboot Your Mac After Installation
Some users have reported that rebooting their Mac after importing the certificates resolved the issue. It ensures the system reloads trust settings and recognizes the certificates. - Verify Certificates When Using Windows or Federated Apple Accounts
If you’re on Windows or using federated Apple Developer accounts, you may not be able to authenticate through CLI. In such cases, manage certificates manually and double-check.p12file imports.
Use OpenSSL to Regenerate .p12 Certificates Properly
On Windows, use the -legacy flag when creating .p12 files with OpenSSL:
openssl pkcs12 -export -legacy -out mycert.p12 -inkey privateKey.key -in cert.pem
This can solve compatibility issues with Expo CLI.
📝 Summary
| Issue | Solution |
|---|---|
| Missing or expired intermediate certificate | Download AppleWWDRCAG3.cer from Apple and import it into Keychain |
Untrusted .p12 certificate |
Reimport manually and verify trust in Keychain |
| Persistent errors | Reboot Mac, use OpenSSL for Windows users, or check federated account limitations |
| Manual build required | Use eas credentials to inspect and manage certificate setups manually |
💡 Final Thoughts
Most Expo iOS local build errors like this one are due to a missing or outdated intermediate certificate. Downloading and correctly installing the Apple Worldwide Developer Relations Certification Authority file almost always solves it.
Still stuck? Double-check:
- The certificate trust chain in Keychain Access
- Your provisioning profiles and
.p12files - Whether you’re affected by Windows-specific or federated account issues