codesign

Hello. I have an enterprise application that requires specific privileges to execute correctly on MacOS. One of these privileges is SystemPolicyAllFiles (aka Full Disk Access), as we use the endpoint security framework. When we distribute our application, we generate: A signed, notarized pkg consisting of our application binaries. An MDM-compatible .mobileconfig, which contains the SystemPolicyAllFiles setting. We expect our users to install both to get the application to function correctly. However, we have three environments we deploy to: Internal (local development on a developer's workstation), development (where features are integrated prior to release) and production (what our customers get). For local, our developers create an Apple account and use a Mac Development certificate for signing. They also generate their own embedded.provisionprofile and drop that into their local installation config. For development/production, we use our Developer ID certificate and Developer Installer certificate, with an

I’m building an Electron app for macOS that I plan to distribute to users in a .dmg outside the Mac App Store. I have a Developer ID Application certificate (from Apple’s Developer Portal) and a private key, and I can see “Developer ID Certification Authority” in my System Roots keychain. • My Developer ID Application certificate is in the login keychain, and it shows up under “My Certificates” with its private key. • On Keychain, certificate shows red message not trusted, but when I evaluate and check it specifically for codesigning it shows a green checkmark and success • Developer ID Certification Authority is in System Roots. • security find-identity -p codesigning – shows my certificate, but shows 0 valid identities • Updated operating system and deleted and recreated a new certificate, still get the same issue

Xcode is prompting I enter a codesign login password when I am archiving my project. My password seems incorrect since there is no action after I enter my password and tap allow. what could be the problem?

I am experiencing an issue when publishing my .NET MAUI application for iOS using Visual Studio Code. During the publishing process, I encountered a codesign error. Hope someone can help me. This is the error: Warning: unable to build chain to self-signed root for signer Apple Distribution: SOFTBUILDER SDN. BHD. (********) /Users/frankongthuanhong/Desktop/App/MLBusinessCafe_Maui/MLBusinessCafe_Maui/bin/Release/net8.0-ios/ios-arm64/MLBusinessCafe_Maui.app: errSecInternalComponent /usr/local/share/dotnet/packs/Microsoft.iOS.Sdk.net8.0_18.0/18.0.8316/tools/msbuild/iOS/Xamarin.Shared.targets(2335,3): error : /usr/bin/codesign exited with code 1: [/Users/frankongthuanhong/Desktop/App/MLBusinessCafe_Maui/MLBusinessCafe_Maui/MLBusinessCafe_Maui.csproj::TargetFramework=net8.0-ios] /usr/local/share/dotnet/packs/Microsoft.iOS.Sdk.net8.0_18.0/18.0.8316/tools/msbuild/iOS/Xamarin.Shared.targets(2335,3): error : Warning: unable to build chain to self-signed root for signer Apple Distribution: SOFTBUILDER

I'm working on an audio plugin, and when I set the target to VST3 instead of Standalone Plugin and check the Debug Executable box, I get this error: Message from debugger: attach failed (Not allowed to attach to process. Look in the console messages (Console.app), near the debugserver entries, when the attach failed. The subsystem that denied the attach permission will likely have logged an informative message about why it was denied.) I found this post, which seems to be about this same issue, and I followed the recommended solution: I made sure CODE_SIGN_INJECT_BASE_ENTITLEMENTS is true and DEPLOYMENT_POSTPROCESSING is false. I also checked the entitlements on the .app using codesign -d --entitlements, and it returned: [Key] com.apple.security.get-task-allow [Value] [Bool] true This seems like it has the proper entitlements, but it is still breaking with the above error message when I clean and build. Any ideas?

Hi folks We have a Developer ID Application which we create using electron. We made our last release for our Application on Nov'24 which was correctly working. Using the same code, we tried creating a notarized application again which started showing the following error while opening our Application. Monterey- M2- When we directly run the dmg on the dev machine, it does not give us the prompt. But if we download it from somewhere and run, the prompt comes up even in dev machine. We executed some commands to verify the notarization: 1- spctl --assess -vv /Applications/Refresh Pro.app On both dev machine and non-dev machine, the output was accepted /Applications/Refresh Pro.app: accepted source=Notarized Developer ID origin=Developer ID Application: Prograde Digital Incorporated (*******) 2- xcrun stapler validate /Applications/Refresh Pro.app On dev machine, we executed this command and the output is as follows. Processing: /Applications/Refresh Pro.app The validate action worked! 3- codesign -vvv --d

I am trying to resign a package using a script from Docebo. But I got an error when running the script error: The specified item could not be found in the keychain. So I ran security find-identity and I got a 0 Valid identity message. But I can see these certificates installed in my keychain and downloaded a brand new mobile provissioning profile. No dice... any ideas?