Search results for

codesign

3,107 results found

Post

Replies

Boosts

Views

Activity

Can't Get Past Code Signing Error When Building Flutter App
Hi, I developed a Flutter app that works well in the iOS simulator, but that fails to deploy on my physical iPhone 13 Pro Max. Here is the error I get: Target debug_unpack_ios failed: Exception: Failed to codesign /Users//Library/Developer/Xcode/DerivedData/Runner-/Build/Products/Debug-iphoneos/Flutter.framework/Flutter with identity I've followed all the instructions that I found online, like moving my project from cloud storage to my local hard drive, but nothing has worked. Thank you so much for your help!
Topic: Code Signing SubTopic: General
6
0
108
Apr ’25
Reply to Can't Get Past Code Signing Error When Building Flutter App
I see the whole error now, thanks to your instructions, but i still don't understand it/know how to fix it: CodeSign /Users/mjw/Library/Developer/Xcode/DerivedData/test3-fplwbgvlqthlalgvxynxjlnmsemc/Build/Products/Debug-iphoneos/test3.app/test3.debug.dylib (in target 'test3' from project 'test3') cd /Users/mjw/Documents/Projects/Current/test2/test3 Signing Identity: Apple Development: Full Name (V6775UBEAS) Provisioning Profile: iOS Team Provisioning Profile: * (982489b4-4832-4f77-8246-e8b1ea49eff1) /usr/bin/codesign --force --sign 6411F4C28E0E1A991FBFE8E1F1A89B77B589EC21 --timestamp=none --generate-entitlement-der /Users/mjw/Library/Developer/Xcode/DerivedData/test3-fplwbgvlqthlalgvxynxjlnmsemc/Build/Products/Debug-iphoneos/test3.app/test3.debug.dylib Warning: unable to build chain to self-signed root for signer Apple Development: Full Name (V6775UBEAS) /Users/mjw/Library/Developer/Xcode/DerivedData/test3-fplwbgvlqthlalgvxynxjlnmsemc/Build/Products/Debug-iphoneos/test3.app/test3.debug.dylib
Topic: Code Signing SubTopic: General
Apr ’25
Code sign
Hi, I got the error: /usr/bin/codesign exited with code 1: Warning: unable to build chain to self-signed root for signer Apple Distribution: Q.A.C.F. - Quality Academy Consultoria E Formacao, Unipessoal, Lda (xxxxxx) /Users/pedroramalho/Library/Caches/Xamarin/mtbs/builds/drBoxSaude.iOS/3bed3d51415af2e100a4d2bc57e1d36fb42d76ceb190de1db1c4d0dbccbff863/bin/iPhone/Release/drBoxSaude.iOS.app: errSecInternalComponent and /usr/bin/codesign exited with code 1: /Users/pedroramalho/Library/Caches/Xamarin/mtbs/builds/drBoxSaude.iOS/3bed3d51415af2e100a4d2bc57e1d36fb42d76ceb190de1db1c4d0dbccbff863/bin/iPhone/Release/drBoxSaude.iOS.app/Frameworks/libSkiaSharp.framework: replacing existing signature Warning: unable to build chain to self-signed root for signer Apple Distribution: Q.A.C.F. - Quality Academy Consultoria E Formacao, Unipessoal, Lda (xxxxx) /Users/pedroramalho/Library/Caches/Xamarin/mtbs/builds/drBoxSaude.iOS/3bed3d51415af2e100a4d2bc57e1d36fb42d76ceb190de1db1c4d0dbccbff863/bin/iPhone/Release/d
Topic: Code Signing SubTopic: Certificates, Identifiers & Profiles Tags:
1
0
89
Apr ’25
Reply to Can't Get Past Code Signing Error When Building Flutter App
It's definitely an Apple code signing issue. I connected my phone to my mac with a cable and created a brand new test project. I ran it on the simulator and it ran and showed hello world. When tried to run it on my phone, it errored (Command CodeSign failed with a nonzero exit code). If you would please help me debug code signing, I would really appreciate it. Thanks!
Topic: Code Signing SubTopic: General
Apr ’25
Reply to AppStore submission for Ruby/Glimmer app on MacOS without Xcode
Yes, that's correct. That error only only occurs when installing via TestFlight and pops up twice. The app is never installed under /Applications. To be clear, before codesigning, the app runs fine on my system (always has). As a further test, if I extract the pkg file that I uploaded via Transporter, which is subsequently available via TestFlight, I get this: /tmp λ xar -xf ~/code/ruby/PATHmanager.pkg /tmp λ ll total 8 drwxrwxrwt 7 root wheel 224 Mar 31 09:23 . drwxr-xr-x 6 root wheel 192 Mar 20 09:49 .. -rw-r--r-- 1 chip staff 1217 Mar 31 09:23 Distribution drwx------ 3 chip wheel 96 Mar 20 09:50 com.apple.launchd.AUOVCHr68r drwx------ 5 chip staff 160 Dec 31 1969 com.chipcastle.pathmanager.pkg srwxr-xr-x 1 chip wheel 0 Mar 20 09:50 mykitty-1525 drwxr-xr-x 2 root wheel 64 Mar 30 15:31 powerlog /tmp λ cpio -i < com.chipcastle.pathmanager.pkg/Payload 58137 blocks /tmp λ ll total 8 drwxrwxrwt 8 root wheel 256 Mar 31 09:23 . drwxr-xr-x 6 root wheel 192 Mar 20 09:49 .. -rw-r--r-- 1 chip staff 1217 Ma
Topic: Code Signing SubTopic: General
Mar ’25
Reply to Sequoia 'local network' permission failure from launch agent
There are a bunch of factors that could lead to this problem but, after doing a bunch of testing here in my office, I suspect that this is a bug in local network privacy )-: To start, I’m testing on macOS 15.3.2 (24D81), in a VM, restoring from a clean snapshot between each test. I have a test tool that connects either via Network framework or BSD Sockets. The code is pasted in at the end of this email. Note This relies on the helpers in Calling BSD Sockets from Swift. The tool is signed with an Apple Development signing identity: % codesign -d -vv Test778457 … Authority=Apple Development: Quinn Quinn (7XFU7D52S4) … Note This is different from your case, because Homebrew uses ad-hoc signing. I was hoping that signing the code might help. It does not. I have a launchd property list that runs my shell script: % plutil -p com.example.Test778457.plist { Label => com.example.Test778457 ProgramArguments => [ 0 => /Users/quinn/Test778457.sh ] } And a shell script that runs my tool: % cat Test778457
Topic: App & System Services SubTopic: Networking
Mar ’25
Reply to AppStore submission for Ruby/Glimmer app on MacOS without Xcode
Yes, sorry that I wasn't clear - The error did occur when attempting to open the app with TestFlight (the dialog box opened twice with the same message, BTW.) Plus, PATHmanager.app is neither installed under /Applications, nor ~/Applications. If there's something else I can do to get it installed, I'm all ears. :-) I'll post the output of your suggested commands from the extracted .pkg file that was uploaded using Transporter (hopefully that helps?): Signature dump for app bundle /tmp λ codesign -d -vvv PATHmanager.app/ Executable=/private/tmp/PATHmanager.app/Contents/MacOS/PATHmanager Identifier=com.chipcastle.pathmanager Format=app bundle with Mach-O thin (arm64) CodeDirectory v=20500 size=223206 flags=0x10000(runtime) hashes=6964+7 location=embedded Hash type=sha256 size=32 CandidateCDHash sha256=a7e912f449ef085b27467d282bfeca980b8e4d9c CandidateCDHashFull sha256=a7e912f449ef085b27467d282bfeca980b8e4d9c9063d3b31bb34aaa15383e7d Hash choices=sha256 CMSDigest=a7e912f449ef085b27467d282bfeca980b8e4d9c9
Topic: Code Signing SubTopic: General
Mar ’25
Reply to AppStore submission for Ruby/Glimmer app on MacOS without Xcode
[quote='831709022, chipcastle, /thread/774923?answerId=831709022#831709022, /profile/chipcastle'] I was able to get it submitted to TestFlight, but am now getting a slightly different error for the dylib than before: [/quote] So, you’re seeing this when launching the app that you installed using TestFlight? If so, reproduce the problem and then dump the signature of your app and its embedded dynamic library. So, this: % codesign -d -vvv /Applications/PATHmanager.app and this: % codesign -d -vvv /Applications/PATHmanager.app/Contents/Frameworks/libui.dylib They should be the same, that is, both signed by Apple Mac OS Application Signing. Is that what you see? Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com
Topic: Code Signing SubTopic: General
Mar ’25
SystemPolicyAllFiles code signing requirement
Hello. I have an enterprise application that requires specific privileges to execute correctly on MacOS. One of these privileges is SystemPolicyAllFiles (aka Full Disk Access), as we use the endpoint security framework. When we distribute our application, we generate: A signed, notarized pkg consisting of our application binaries. An MDM-compatible .mobileconfig, which contains the SystemPolicyAllFiles setting. We expect our users to install both to get the application to function correctly. However, we have three environments we deploy to: Internal (local development on a developer's workstation), development (where features are integrated prior to release) and production (what our customers get). For local, our developers create an Apple account and use a Mac Development certificate for signing. They also generate their own embedded.provisionprofile and drop that into their local installation config. For development/production, we use our Developer ID certificate and Developer Installer certificate, with an
Topic: Code Signing SubTopic: General Tags:
8
0
155
Mar ’25
Reply to AppStore submission for Ruby/Glimmer app on MacOS without Xcode
I was able to get it submitted to TestFlight, but am now getting a slightly different error for the dylib than before: “libui.dylib” Not Opened Apple could not verify “libui.dylib” is free of malware that may harm your Mac or compromise your privacy. The dylib is located under Contents/Frameworks, so I'm not sure what else there is to be done. Bundle contents λ xar -xf ~/code/ruby/PATHmanager.pkg /tmp λ lsbom com.chipcastle.pathmanager.pkg/Bom . 0 0/0 ./PATHmanager.app 40755 0/0 ./PATHmanager.app/Contents 40755 0/0 ./PATHmanager.app/Contents/Frameworks 40755 0/0 ./PATHmanager.app/Contents/Frameworks/libui.dylib 100644 0/0 925632 2654273729 ./PATHmanager.app/Contents/Info.plist 100644 0/0 1415 196399421 ./PATHmanager.app/Contents/MacOS 40755 0/0 ./PATHmanager.app/Contents/MacOS/PATHmanager 100755 0/0 28765680 1121196294 ./PATHmanager.app/Contents/PkgInfo 100644 0/0 8 742937289 ./PATHmanager.app/Contents/Resources 40755 0/0 ./PATHmanager.app/Contents/Resources/AppIcon.icns 100644 0/0 56310 2265036908 ./PATHmana
Topic: Code Signing SubTopic: General
Mar ’25
Reply to Multiple Executables in a Single Bundle Fails to Launch Others After Codesign
Quinn! Thank you for your efforts and details. Your posts on this forum have been a lifesaver for those of us new to the world of Apple development/deployment. Current Entitlements Each of our executables require the same entitlements: com.apple.security.app-sandbox com.apple.security.cs.disable-library-validation com.apple.security.files.user-selected.read-write com.apple.security.network.client com.apple.security.network.server From the research into the articles you posted, it seems like these are all safe to inherit but I could be wrong about that! And if it's all going to TestFlight then I suppose it's restricted? The lib validation is disabled because we include a plugin ecosystem through Qt. I've tried adding the com.apple.security.inherit in our entitlements but am still seeing the same issue. Here's the entitlements for the exec_b (and exec_a) > codesign -d --entitlements - exec_b Executable=/Users/foo/src/SomeApp.app/Contents/MacOS/exec_b [Dict] [Key] com.apple.security.app-sandbox [Valu
Topic: Code Signing SubTopic: General Tags:
Mar ’25
Reply to AppStore submission for Ruby/Glimmer app on MacOS without Xcode
It’s better to reply as a reply, rather than in the comments; see Quinn’s Top Ten DevForums Tips for this and other titbits. Here's the link Thanks. I downloaded that and extracted your app: % xar -xf PATHmanager.pkg % cpio -i < com.chipcastle.pathmanager.pkg/Payload 58111 blocks I then dumped its code signature: % codesign -d -vvv --entitlements - PATHmanager.app Executable=/Users/quinn/Desktop/test/PATHmanager.app/Contents/MacOS/PATHmanager Identifier=com.chipcastle.pathmanager Format=app bundle with Mach-O thin (arm64) CodeDirectory v=20500 size=223078 flags=0x10000(runtime) hashes=6964+3 location=embedded Hash type=sha256 size=32 CandidateCDHash sha256=ed5d7d18f524cae6db2b57b2682ebfa61572510b CandidateCDHashFull sha256=ed5d7d18f524cae6db2b57b2682ebfa61572510b56d6a26c037c8cc003f1f1d3 Hash choices=sha256 CMSDigest=ed5d7d18f524cae6db2b57b2682ebfa61572510b56d6a26c037c8cc003f1f1d3 CMSDigestType=2 CDHash=ed5d7d18f524cae6db2b57b2682ebfa61572510b Signature size=9115 Authority=Apple Distribution: Chip
Topic: Code Signing SubTopic: General
Mar ’25
Reply to Persistent “com.apple.security.get-task-allow” entitlement after signing¬arizing
/usr/libexec/PlistBuddy -c Add :com.apple.security.get-task-allow bool true /tmp/my-app-debug-entitlements.plist /usr/libexec/PlistBuddy -c Add :com.apple.security.cs.disable-library-validation bool true /tmp/my-app-debug-entitlements.plist codesign --timestamp --options runtime --sign Developer ID Application: *** (***) --entitlements /tmp/my-app-debug-entitlements.plist --force /path/to/my-debug-binary I had no problems with the notarization process of the binary I signed this way. As you said, I will not distribute my application in this way. I will only distribute this binary to users I want to debug. Thanks.
Topic: Code Signing SubTopic: Entitlements
Mar ’25