What private keys should I save in order to be able to rebuild my iOS application?

In Apple's iOS Provisioning Portal, under Distribution > "Prepare App," there is a stern warning about how critical it is that I save my private key. (To see it, click "Obtaining your iOS Distribution Certificate," then "Saving your Private Key and Transferring to Other Systems.") Here is what it says:

It is critical that you save your private key somewhere safe in the event that you need to build your application on multiple Macs or decide to reinstall your system OS. Without your private key, you cannot sign binaries in Xcode and there you will be unable to upload your application to the App Store or install your application on any Apple device. When a CSR is generated, the Keychain Access application creates a private key on your login keychain. This private key is tied to your user account and cannot be reproduced if lost due to an OS reinstall. If you plan to do development and testing on multiple systems, you will need to import your private key onto all of the systems yo开发者_运维问答u’ll be doing work on.

1. To export your private key and certificate for safe-keeping, open up the Keychain Access Application and select the “Keys” category.
2. Highlight the private key associated with your iOS Distribution Certificate and select “Export Items” from the ‘File’ menu. Save your key in the Personal Information Exchange (.p12) file format.
3. You will be prompted to create a password which will be used when you attempt to import this key on another computer.
4. You can now transfer this .p12 file between systems. Double-click on the .p12 to install on a system. You will be prompted for the password you first entered above.

I can't figure out which private key to save, and I don't quite understand how all this stuff works.

I figured I was probably supposed to save the private key that is associated with the certificate named "iPhone Distribution: Acme Software" (where "Acme Software" is the [fictional] name of the company). If I go to the "Certificates" section, then there is a certificate with that name, and if I expand that section, there is a private key under it named "Mike Morearty" (my name). So I could export that.

But the instructions on the Provisioning Portal said to go to the "Keys" section, not the "Certificates" section. Under "Keys," I see six private keys all named "Mike Morearty," and there is no way to tell most of them apart. A couple of them have certificates nested underneath them, e.g. one has "iPhone Developer: Mike Morearty," and another has "Apple Development Push Services: ...". I understand that. But none of them shows "iPhone Distribution: Acme Software."

Should I just click the "Mike Morearty" private key that was under the "iPhone Distribution: Acme Software" certificate in the Certificates section? Or is there some way to figure out which private key to export from the Keys section?

To be safe, you could export all of them.

However, if you have a working build environment in XCode that uses the proper keys then you can also export your developer profile. in XCode go to Window->Organizer and find "Developer Profile" under "Development". The Export Developer Profile exports the appropriate private keys for all the valid identities in that XCode installation.