codesign

Hi Team, I have created multiple certificates for macOS application. Below are the certificates created- Apple Development Certificate DeveloperID Installer Certificate Apple Distribution Certificate others certificates Later, I have imported the all these above certificates in keychain-access. Now, I tried to compile the code through Xcode. I am getting error for code signing certificate. Warning: unable to build chain to self-signed root for signer Apple Development: Amit (M2WMF2YERI)” .... Command CodeSign failed with a nonzero exit code When I checked the TeamID of User(Amit) I can see that his current TeamID is [P8ZW3W9R2Q]. There is mismatch of teamID in apple development certificate generation. Note- All certificates are generated with current TeamID[P8ZW3W9R2Q] of user (Amit) except Apple Development certificate which has been generated with TeamID [M2WMF2YERI] which is generated with old TeamID of user (Amit). I attempted to generate the apple development certificate multiple times but it is

Hi Team, I have created multiple certificates for macOS application. Below are the certificates created- Apple Development Certificate DeveloperID Installer Certificate Apple Distribution Certificate others certificates Later, I have imported the all these above certificates in keychain-access. Now, I tried to compile the code through Xcode. I am getting error for code signing certificate. Warning: unable to build chain to self-signed root for signer Apple Development: Amit (M2WMF2YERI)” .... Command CodeSign failed with a nonzero exit code When I checked the TeamID of User(Amit) I can see that his current TeamID is [P8ZW3W9R2Q]. There is mismatch of teamID in apple development certificate generation. Note- All certificates are generated with current TeamID[P8ZW3W9R2Q] of user (Amit) except Apple Development certificate which has been generated with TeamID [M2WMF2YERI] which is generated with old TeamID of user (Amit). I attempted to generate the apple development certificate multiple times but it is

Mac users often ask whether they should install anti-virus software. The answer usually given on ASC is no. The answer is right, but it may give the wrong impression that there is no threat from what are loosely called viruses. There is a threat, and you need to educate yourself about it. This is a comment on what you should—and should not—do to protect yourself from malicious software (malware) that circulates on the Internet and gets onto a computer as an unintended consequence of the user's actions. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the computer, or who has been able to log in to it remotely. That threat is in a different category, and there's no easy way to defend against it. The comment is long because the issue is complex. The key points are in sections 5, 6, and 10. OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disa

I had a standalone python application (created with pyinstaller) which was working perfectly alone. This macOS application was created in VS. I later decided to improve the application by implementing some Swift features (Subscription Manager). This required me to write a brief Swift file (Subscription Management) in XCode which the Python file called on. Python Standalone Application Calling Swift : # Function to check if the user has a valid subscription def check_subscription(): subscription_manager_path = /Users/isseyyohannes/Library/Developer/Xcode/DerivedData/SubscriptionManager2-ezwjnnjruizvamaesqighyoxljmy/Build/Products/Debug/SubscriptionManager2 # Adjust path try: result = subprocess.run([subscription_manager_path], capture_output=True, text=True, check=True) return VALID_SUBSCRIPTION in result.stdout # Return True if valid, False otherwise except subprocess.CalledProcessError as e: print(fError checking subscription: {e}) return False # Return False if there's an issue However, when I try to run xc

Hello, After my developer Id had expired after 5 years, I created a new one, codesigned the app successfully, but could not notarize: xcrun notarytool submit mac_release/flow5.zip --keychain-profile XFLR5 --wait Conducting pre-submission checks for flow5.zip and initiating connection to the Apple notary service... Error: HTTP status code: 401. Invalid credentials. Username or password is incorrect. Use the app-specific password generated at appleid.apple.com. Ensure that all authentication arguments are correct I don't think I was using an app specific password before, but the last time I went through this process was 5 years ago. Thanks in advance for any help.

Hello! I've just recently discovered LaunchCodeRequirement API and I'm exploring how it works compared to existing alternatives available for macOS versions below 14.4. Some questions I have with regards to safety of older and newer APIs examining the given example: func runProcess(executableURL: URL) throws { let process = Process() process.executableURL = executableURL if #available(macOS 14.4, *) { process.launchRequirement = try LaunchCodeRequirement.allOf { ValidationCategory(.developerID) SigningIdentifier(some-signing-identifier) TeamIdentifier(some-team-identifier) } } else { try secStaticCodeCheckValidity(executableURL) // Point #1 } do { try process.run() // Point #2 if #available(macOS 14.4, *) { // process.launchRequirement should take care of the process // and kill it if launchRequirement constraint is not satisfied } else { try secCodeCheckValidity(process.processIdentifier) // Point #3 } process.waitUntilExit() } catch { process.terminate() throw error } // Point #4 guard process.terminationRe

Hello, I have an application which uses a helper[1] to download[2] files. When files download is a DMG and user mounts the image to run the application from this DMG it doesn't pass Gatekeeper. It presents the Application XYZ.app can't be opened.. Same file downloaded via Safari shows a different dialog, the XYZ.app is an app downloaded from the internet. Are you sure you want to open it? In the system log I see this line: exec of /Volumes/SampleApp/SampleApp.app/Contents/MacOS/SampleApp denied since it was quarantined by Downloadx20Helper and created without user consent, qtn-flags was 0x00000187 The application is running sandboxed and hardened, the main application has com.apple.security.files.downloads.read-write entitlement. Everything is signed by DeveloperID and passes all checks[3]. I tried to check the responsible process[4] of the helper. Then trivial stuff like download folder access in System Settings/Privacy & Security/Files & Folders. Everything seems to be fine. For what it worths the v

Hi, I have a project that integrates the Firebase SDK via SPM as a dependency of an internal Swift Package: My app ⟶ My Library ⟶ Firebase SDK The project builds successfully and can be archived locally ✅. The uploaded .ipa is valid and gets published 🚀. However, we are now trying to automate the release process using Xcode Cloud, but the iOS Archive action is failing ❌ on Xcode Cloud. The logs show the following error ⬇️: error: exportArchive codesign command failed (/Volumes/workspace/tmp/XcodeDistPipeline/XcodeDistPipeline.~~~oomCvM/Root/Payload/base-ios.app/Frameworks/FirebaseAnalytics.framework: replacing existing signature /Volumes/workspace/tmp/XcodeDistPipeline/XcodeDistPipeline.~~~oomCvM/Root/Payload/base-ios.app/Frameworks/FirebaseAnalytics.framework: invalid or corrupted code requirement(s) Requirement syntax error(s): line 1:178: unexpected token: ) ** EXPORT FAILED ** I have been researching this issue for a while and have tried several solutions to fix it, but with no luck. Even thoug

I have an app that only crashes once it's been notarised. I read a few posts that essentially said before trying to identify issues by reviewing the crash report I should ensure signing and notarisation has happened correctly. I've worked through the document Resolving common notarization issues spctl -vvv --assess --type exec: gives no errors and correctly returns my developer id. codesign -dvv: returns a timestamp My app uses a hardened runtime. My app shows up in Xcode as a macOS Archive (e.g not a Generic Xcode Archive) Here is the crash report. Translated Report (Full Report Below) Process: Scene Finder [44479] Path: /Users/USER/Downloads/Scene Finder.app/Contents/MacOS/Scene Finder Identifier: Version: 0.9 (20250206.1) Code Type: ARM-64 (Native) Parent Process: launchd [1] User ID: 501 Date/Time: 2025-02-11 13:09:03.7786 +1000 OS Version: macOS 15.3 (24D60) Report Version: 12 Anonymous UUID: EE8B1269-0A8A-3AB6-516B-C752E8A18B5A Sleep/Wake UUID: 436CD7CF-7B13-4A9C-9425-7EF94CC007A9 Time Awake Si

I am a new macOS developer, and the codesign issue is persistent. I've been trying to resolve it for days. There are two issues: 1.) When downloading and installing frameworks, they are not showing up in Xcode templates. 2.) Regarding codesigning, even though I've installed it on my external drive and placed it in various locations (Library, Templates, Frameworks, Application Contents, macOS Templates and Frameworks) and added through General Libraries in Xcode, persistently encountering issues. I'm experiencing a codesign problem. I've cleaned the build, cleared derived data, downloaded certificates, added them to the access key, and linked the binary. However, the issue persists. Please help me, as this is making the process much more difficult. I've been stuck on this for weeks.