Search results for

“codesign”

3,223 results found

Post

Replies

Boosts

Views

Activity

translocation
Hi all,My application is distributed as a .dmg file, which contains two signed .app applications.Per Apple's new policy with respect to app translocation, I codesign the .dmg file so that app translocation won't be applied when running the programs -- otherwise my first app is unable to find my second app in order to launch it: $ codesign -f -v -s Developer ID Application: Jeremys Company Name ./my_app.dmg... the codesigning appears to succeed, and I can verify that afterwards the .dmg file is signed: $ codesign -vvv ./my_app.dmg ./my_app.dmg: valid on disk ./my_app.dmg: satisfies its Designated Requirement... and yet, after I updated to 10.12.2 Beta (16C53a) and then install the .dmg file, the app translocation thing still happens every time I run my app.My question is, is this a regression bug in the 10.12.2 Beta, or am I doing something wrong?Thanks,Jeremy
Topic: App & System Services SubTopic: Core OS Tags:
1
0
911
Dec ’16
Reply to Simple tunnel build fails - NEAppProxyErrorDomain
Thanks, that explains it! I manged to make it build and run, now fighting with entitlements and provisioning profiles for the sample app but that's a different level of fun 🙂.Edit: after a few hours spent with figthing the XCode's The executable was fund with invalid entitlements, I have noticed this post related to missing com.apple.managed.vpn.shared entitlements when generating the Netwrok Extension entitlements via the website: https://forums.developer.apple.com/thread/67894.Likely to be connected to my issue and therefore shall I wait for an answer on that before banging my head aagainst the wall any further?Further on this, I did follow your Debugging Entitlement Issues and my provisioning profile entitlements seems to make sense and be consistent with the entitlements listed in the .app and .appex products of the template.Provisioning profile's entitlements: <key>Entitlements</key> <dict> <key>com.apple.developer.networking.networkextension</key> <array> <string&
Topic: App & System Services SubTopic: Networking Tags:
Dec ’16
Reply to Simple tunnel build fails - NEAppProxyErrorDomain
You shouldn’t need the com.apple.managed.vpn.shared keychain access group to get a VPN provider up and limping. It’s only necessary if you want to support managed VPN, where the device manager installs a client identity as part of a configuration profile such that your VPN provider can access it. <string>$MyTeamID$.com.apple.managed.vpn.shared</string>This is definitely not correct. The whole point of the com.apple.managed.vpn.shared keychain access group is that it’s not prefixed by your Team ID, and thus it’s shared by all VPN providers and the configuration profile machinery. Pasted in below in a dump of the entitlements and provisioning profiles for my testbed VPN app. I don’t have time right now to compare it with what you posted, but I figured your might find it helpful.Share and Enjoy — Quinn “The Eskimo!” Apple Developer Relations, Developer Technical Support, Core OS/Hardware let myEmail = eskimo + 1 + @apple.com$ codesign -d --entitlements :- QNEPacketTunnel.app Executable=…/QNE
Topic: App & System Services SubTopic: Networking Tags:
Dec ’16
Reply to Simple tunnel build fails - NEAppProxyErrorDomain
Interesting. Apart from fixing the com.apple.managed.vpn.shared keychain issue you outlined, I've double checked your dump with mines and there is a difference that seems a good hint.The network extension entitlements below are present in my product's entitlement (codesign -dentitlements SimpleTunnel.app), in the embedded provisioning profile (security cms -D -i SimpleTunnel.app/embedded.mobileprovision), in the PacketTunnel.appex's entitlements in the PlugIns dir (codesign -d --entitlements :- SimpleTunnel.app/PlugIns/PacketTunnel.appex) but NOT in the latter's embedded provisioning profile. <key>com.apple.developer.networking.networkextension</key> <array> <string>packet-tunnel-provider</string> <string>app-proxy-provider</string> <string>content-filter-provider</string>That is to say, I don't get the above in the embedded provisioning profile when I run your last step, security cms -D -i SimpleTunnel.app/PlugIns/PacketTunnel.appex/embe
Topic: App & System Services SubTopic: Networking Tags:
Dec ’16
Reply to to what do these CSSM exceptions refer
+1I get these at a rate of ~2500/hr. Any ideas as to the cause?Here's a sampling of my error for reference:default 12:13:46.967910 -0500 launchservicesd CSSM Exception: -2147411889 CSSMERR_CL_UNKNOWN_TAG default 12:15:20.638688 -0500 securityd CSSM Exception: -2147411889 CSSMERR_CL_UNKNOWN_TAG default 12:57:32.587999 -0500 qlmanage CSSM Exception: -2147411889 CSSMERR_CL_UNKNOWN_TAG default 12:16:19.590449 -0500 codesign CSSM Exception: -2147411889 CSSMERR_CL_UNKNOWN_TAGIt comes from a variety of processes.
Topic: App & System Services SubTopic: Core OS Tags:
Dec ’16
How can I get the raw serial ID of a FAT SD volume in userspace?
I need to read the serial number from an SD card in order to identify the volume for a cross-platform application. This is the 4-byte identifier located at offset 440 on the device at /dev/rdiskX.On Linux and Windows, this number is obtained via blkid or udevadm, and getVolumeInformation() respectively - I wish to obtain this number in order to have the same identifier for the SD card available on the Mac version of the application.I can access the longer UUID generated from the serial ID using diskutil or msdos.util, however these utilities don't seem to expose the raw serial ID. The function fs_get_uuid_raw in the sourcefor msdos.util seems to read this information into a structure and then run an md5 hash to generate the final UUID. The required bytes can be obtained with the 'dd' command but permissions are a problem.crw-r----- 1 root operator 1, 6 Dec 14 19:27 /dev/rdisk3Running msdos.util as a user works because of some codesign permissions.
Topic: App & System Services SubTopic: Drivers Tags:
0
0
335
Dec ’16
Installation check failure
I have an app ready for the Mac App Store and have it packaged up ready to go. It's specified as compatible with Mac OS 10.7 upwards. I've tested installation on all the available systems here, 10.12.1, 10.11.6, 10.8.5 (2 machines) and 10.7.5. It's fine on all except the last. On 10.7.5 the installer immediately comes back with an Alert: xxx can't be installed on this computer. The installer log is no further help, after the preamble it comes to identifying the product, followed by 2 lines:Installation checks failedInstallation check failure. . xxx can't be installed on this computerIf I simply put the codesigned and sandboxed app into the Applications folder, it starts up and runs fine.How can I go further in investigating this?thanks,Richard
Topic: App Store Distribution & Marketing SubTopic: General Tags:
0
0
322
Dec ’16
Reply to App rejected for receipt validation failure
Deleted derived data, rearchived, and submitted with no code changes and the app passed review. Not sure if it's a compiler issue or a codesigning issue when uploading...or if it has something to do with how they test the receipt on their end. It seems unlikely that I'd be able to provide sufficient information to reproduce the bug, so I'm not going to file this one.
Topic: App Store Distribution & Marketing SubTopic: General Tags:
Dec ’16
Reply to SecKey API returned: -25304 libswiftAVFoundation.dylib: unknown error -1=ffffffffffffffff error: Task failed with exit 1 signal 0
I had the similar error like you.I wrote a customized shell script for jenkins triggered, like this.```#!/bin/bashARCHIVE_DIRECTORY=$(pwd)/archive/MyProject.xcarchiveKEYCHAIN_PATH=$(pwd)/productions.keychainxcodebuild -workspace MyProject.xcworkspace -scheme MyProject -configuration Release clean archive -archivePath $ARCHIVE_DIRECTORY DEVELOPMENT_TEAM=XXXXXXXXX OTHER_CODE_SIGN_FLAGS=--keychain ${KEYCHAIN_PATH}```It give me this error```sent 8324036 bytes received 70 bytes 5549404.00 bytes/sectotal size is 8322783 speedup is 1.00Code Signing /Users/Shared/Jenkins/Library/Developer/Xcode/DerivedData/MyProject-cqlsevgbiaqwmfdjmfvxrmxleebn/Build/Intermediates/ArchiveIntermediates/MyProject/InstallationBuildProductsLocation/Applications/MyProject.app/Frameworks/Alamofire.framework with Identity iPhone Developer: Awesome developer (XXXXXXXXXX)/usr/bin/codesign --force --sign 3341D7CE635CB81A90173ABBAA00FE7C7C2EF88D --keychain /Users/Shared/Jenkins/Home/jobs/MyProject-iOS/workspace/prod.keychain --preserve
Topic: Developer Tools & Services SubTopic: Xcode Tags:
Dec ’16
Reply to Xcode 8 recompiles every file every build
When I build my code sign is doing something like:CodeSign /Users/USER/Library/Developer/Xcode/DerivedData/XXXXXX-XXXXXX/Build/Products/Release-iphoneos/XXXXXX.app cd /Users/USER/Desktop/ZZZZZZ/XXXXXX/XXXXXX export CODESIGN_ALLOCATE=/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate export PATH=/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin:/Applications/Xcode.app/Contents/Developer/usr/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbinSigning Identity: iPhone Developer: XXXXXX (XXXXXX)Provisioning Profile: iOS Team Provisioning Profile: com.XXXXXX.XXXXXX (XXXXXX)/usr/bin/codesign --force --sign ZZZZZZ --entitlements /Users/USER/Library/Developer/Xcode/DerivedData/XXXXX-XXXXX/Build/Intermediates/XXXXX.build/Release-iphoneos/XXXXX.build/XXXXX.app.xcent --timestamp=none /Users/USER/Library/Developer/Xcode/DerivedData/XXXXX-XXXXX/Build/Products/Release-iphoneos/XXXXX.appSo, seems like there are limited options
Topic: Programming Languages SubTopic: Swift Tags:
Dec ’16
codesign framework in xcode8
try every possible solutions provides online but still have encountering the same issue.Signing Identity: - /usr/bin/codesign --force --sign - --timestamp=none /Users/name/Library/Developer/Xcode/DerivedData/-apmvzhzaqwfebxdecjbcwxytdvez/Build/Products/Release-iphonesimulator/.framework/Users/name/Library/Developer/Xcode/DerivedData/apmvzhzaqwfebxdecjbcwxytdvez/Build/Products/Release-iphonesimulator/.framework: bundle format unrecognized, invalid, or unsuitableCommand /usr/bin/codesign failed with exit code 1** BUILD FAILED **The following build commands failed: CodeSign /Users/name/Library/Developer/Xcode/DerivedData/-apmvzhzaqwfebxdecjbcwxytdvez/Build/Products/Release-iphonesimulator/.framework(1 failure)Command /bin/sh failed with exit code 65
Topic: Developer Tools & Services SubTopic: Xcode Tags:
2
0
896
Jan ’17
signing mac app with Developer ID certificate that includes timestamp
Recent changes to Xcode seem to have all builds including an Archive disabling the timestamp (--timestamp=none) when singing an application. It is expected that one use the Organizer and Export the application from there choosing Export a Developer ID-signed Application. Problem is that when I do so spctl (and Gatekeeper) reject the application:# spctl -a -t exec -vv <hidden>.app <hidden>.app: rejected origin=Developer ID Application: <hidden> INCIt gives no reason. And codesign seems to believe there is no problem:# codesign --verify --strict --verbose <hidden>.app <hidden>.app: valid on disk <hidden>.app: satisfies its Designated RequirementMy application is rather complex; however, previous to Xcode 8? when this all changed my application was being signed correctly during the Archive step. I can find no information about why spctl rejected the app.Is there any way to get additional information why it is failing?Is there a way to force the Archive step t
Topic: Code Signing SubTopic: Certificates, Identifiers & Profiles Tags:
2
0
1.5k
Jan ’17
Reply to Cannot sign OS X app with Developer ID certificate properly
Thanks a lot, that's exactly what I have. Build and signed on XCode without problem, but when I try to submit to iTuneConnect I got error:ERROR ITMS-90035: Invalid Signature. Code failed to satisfy specified code requirement(s). Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). ....codesign --display --requirements - --verbose=4 myapp.appI saw : TeamIdentifier=not setAfter half day research step onto your solution to check certificate permission and find out that I have `Always trust` set (with idea for CI builds not to promot). Then I change back to system default option (same as all other) and rebuild / sign, I got all signed ok. TeamIdentifier got set and ipa was accepted by iTunesConnet !
Topic: Code Signing SubTopic: General Tags:
Jan ’17
translocation
Hi all,My application is distributed as a .dmg file, which contains two signed .app applications.Per Apple's new policy with respect to app translocation, I codesign the .dmg file so that app translocation won't be applied when running the programs -- otherwise my first app is unable to find my second app in order to launch it: $ codesign -f -v -s Developer ID Application: Jeremys Company Name ./my_app.dmg... the codesigning appears to succeed, and I can verify that afterwards the .dmg file is signed: $ codesign -vvv ./my_app.dmg ./my_app.dmg: valid on disk ./my_app.dmg: satisfies its Designated Requirement... and yet, after I updated to 10.12.2 Beta (16C53a) and then install the .dmg file, the app translocation thing still happens every time I run my app.My question is, is this a regression bug in the 10.12.2 Beta, or am I doing something wrong?Thanks,Jeremy
Topic: App & System Services SubTopic: Core OS Tags:
Replies
1
Boosts
0
Views
911
Activity
Dec ’16
Reply to Simple tunnel build fails - NEAppProxyErrorDomain
Thanks, that explains it! I manged to make it build and run, now fighting with entitlements and provisioning profiles for the sample app but that's a different level of fun 🙂.Edit: after a few hours spent with figthing the XCode's The executable was fund with invalid entitlements, I have noticed this post related to missing com.apple.managed.vpn.shared entitlements when generating the Netwrok Extension entitlements via the website: https://forums.developer.apple.com/thread/67894.Likely to be connected to my issue and therefore shall I wait for an answer on that before banging my head aagainst the wall any further?Further on this, I did follow your Debugging Entitlement Issues and my provisioning profile entitlements seems to make sense and be consistent with the entitlements listed in the .app and .appex products of the template.Provisioning profile's entitlements: <key>Entitlements</key> <dict> <key>com.apple.developer.networking.networkextension</key> <array> <string&
Topic: App & System Services SubTopic: Networking Tags:
Replies
Boosts
Views
Activity
Dec ’16
Reply to Simple tunnel build fails - NEAppProxyErrorDomain
You shouldn’t need the com.apple.managed.vpn.shared keychain access group to get a VPN provider up and limping. It’s only necessary if you want to support managed VPN, where the device manager installs a client identity as part of a configuration profile such that your VPN provider can access it. <string>$MyTeamID$.com.apple.managed.vpn.shared</string>This is definitely not correct. The whole point of the com.apple.managed.vpn.shared keychain access group is that it’s not prefixed by your Team ID, and thus it’s shared by all VPN providers and the configuration profile machinery. Pasted in below in a dump of the entitlements and provisioning profiles for my testbed VPN app. I don’t have time right now to compare it with what you posted, but I figured your might find it helpful.Share and Enjoy — Quinn “The Eskimo!” Apple Developer Relations, Developer Technical Support, Core OS/Hardware let myEmail = eskimo + 1 + @apple.com$ codesign -d --entitlements :- QNEPacketTunnel.app Executable=…/QNE
Topic: App & System Services SubTopic: Networking Tags:
Replies
Boosts
Views
Activity
Dec ’16
Reply to Simple tunnel build fails - NEAppProxyErrorDomain
Interesting. Apart from fixing the com.apple.managed.vpn.shared keychain issue you outlined, I've double checked your dump with mines and there is a difference that seems a good hint.The network extension entitlements below are present in my product's entitlement (codesign -dentitlements SimpleTunnel.app), in the embedded provisioning profile (security cms -D -i SimpleTunnel.app/embedded.mobileprovision), in the PacketTunnel.appex's entitlements in the PlugIns dir (codesign -d --entitlements :- SimpleTunnel.app/PlugIns/PacketTunnel.appex) but NOT in the latter's embedded provisioning profile. <key>com.apple.developer.networking.networkextension</key> <array> <string>packet-tunnel-provider</string> <string>app-proxy-provider</string> <string>content-filter-provider</string>That is to say, I don't get the above in the embedded provisioning profile when I run your last step, security cms -D -i SimpleTunnel.app/PlugIns/PacketTunnel.appex/embe
Topic: App & System Services SubTopic: Networking Tags:
Replies
Boosts
Views
Activity
Dec ’16
Reply to Code Signing of pod very slow
Same issue here. Over 100% CPU usage as XCode codesigns for 20+ minutes.Can someone from Apple please look at this issue?
Topic: Developer Tools & Services SubTopic: General Tags:
Replies
Boosts
Views
Activity
Dec ’16
Reply to to what do these CSSM exceptions refer
+1I get these at a rate of ~2500/hr. Any ideas as to the cause?Here's a sampling of my error for reference:default 12:13:46.967910 -0500 launchservicesd CSSM Exception: -2147411889 CSSMERR_CL_UNKNOWN_TAG default 12:15:20.638688 -0500 securityd CSSM Exception: -2147411889 CSSMERR_CL_UNKNOWN_TAG default 12:57:32.587999 -0500 qlmanage CSSM Exception: -2147411889 CSSMERR_CL_UNKNOWN_TAG default 12:16:19.590449 -0500 codesign CSSM Exception: -2147411889 CSSMERR_CL_UNKNOWN_TAGIt comes from a variety of processes.
Topic: App & System Services SubTopic: Core OS Tags:
Replies
Boosts
Views
Activity
Dec ’16
How can I get the raw serial ID of a FAT SD volume in userspace?
I need to read the serial number from an SD card in order to identify the volume for a cross-platform application. This is the 4-byte identifier located at offset 440 on the device at /dev/rdiskX.On Linux and Windows, this number is obtained via blkid or udevadm, and getVolumeInformation() respectively - I wish to obtain this number in order to have the same identifier for the SD card available on the Mac version of the application.I can access the longer UUID generated from the serial ID using diskutil or msdos.util, however these utilities don't seem to expose the raw serial ID. The function fs_get_uuid_raw in the sourcefor msdos.util seems to read this information into a structure and then run an md5 hash to generate the final UUID. The required bytes can be obtained with the 'dd' command but permissions are a problem.crw-r----- 1 root operator 1, 6 Dec 14 19:27 /dev/rdisk3Running msdos.util as a user works because of some codesign permissions.
Topic: App & System Services SubTopic: Drivers Tags:
Replies
0
Boosts
0
Views
335
Activity
Dec ’16
Installation check failure
I have an app ready for the Mac App Store and have it packaged up ready to go. It's specified as compatible with Mac OS 10.7 upwards. I've tested installation on all the available systems here, 10.12.1, 10.11.6, 10.8.5 (2 machines) and 10.7.5. It's fine on all except the last. On 10.7.5 the installer immediately comes back with an Alert: xxx can't be installed on this computer. The installer log is no further help, after the preamble it comes to identifying the product, followed by 2 lines:Installation checks failedInstallation check failure. . xxx can't be installed on this computerIf I simply put the codesigned and sandboxed app into the Applications folder, it starts up and runs fine.How can I go further in investigating this?thanks,Richard
Topic: App Store Distribution & Marketing SubTopic: General Tags:
Replies
0
Boosts
0
Views
322
Activity
Dec ’16
Reply to App rejected for receipt validation failure
Deleted derived data, rearchived, and submitted with no code changes and the app passed review. Not sure if it's a compiler issue or a codesigning issue when uploading...or if it has something to do with how they test the receipt on their end. It seems unlikely that I'd be able to provide sufficient information to reproduce the bug, so I'm not going to file this one.
Topic: App Store Distribution & Marketing SubTopic: General Tags:
Replies
Boosts
Views
Activity
Dec ’16
Reply to code has no resources but signature indicates they must be present?
FWIW, I am embarrassed to say that I made things much more difficult than they had to be. Simply codesigning the jdk plug-in before signing the application itself is needed. This is the only change needed to make the ButtonDemo.app work.
Topic: Code Signing SubTopic: General Tags:
Replies
Boosts
Views
Activity
Dec ’16
Reply to SecKey API returned: -25304 libswiftAVFoundation.dylib: unknown error -1=ffffffffffffffff error: Task failed with exit 1 signal 0
I had the similar error like you.I wrote a customized shell script for jenkins triggered, like this.```#!/bin/bashARCHIVE_DIRECTORY=$(pwd)/archive/MyProject.xcarchiveKEYCHAIN_PATH=$(pwd)/productions.keychainxcodebuild -workspace MyProject.xcworkspace -scheme MyProject -configuration Release clean archive -archivePath $ARCHIVE_DIRECTORY DEVELOPMENT_TEAM=XXXXXXXXX OTHER_CODE_SIGN_FLAGS=--keychain ${KEYCHAIN_PATH}```It give me this error```sent 8324036 bytes received 70 bytes 5549404.00 bytes/sectotal size is 8322783 speedup is 1.00Code Signing /Users/Shared/Jenkins/Library/Developer/Xcode/DerivedData/MyProject-cqlsevgbiaqwmfdjmfvxrmxleebn/Build/Intermediates/ArchiveIntermediates/MyProject/InstallationBuildProductsLocation/Applications/MyProject.app/Frameworks/Alamofire.framework with Identity iPhone Developer: Awesome developer (XXXXXXXXXX)/usr/bin/codesign --force --sign 3341D7CE635CB81A90173ABBAA00FE7C7C2EF88D --keychain /Users/Shared/Jenkins/Home/jobs/MyProject-iOS/workspace/prod.keychain --preserve
Topic: Developer Tools & Services SubTopic: Xcode Tags:
Replies
Boosts
Views
Activity
Dec ’16
Reply to Xcode 8 recompiles every file every build
When I build my code sign is doing something like:CodeSign /Users/USER/Library/Developer/Xcode/DerivedData/XXXXXX-XXXXXX/Build/Products/Release-iphoneos/XXXXXX.app cd /Users/USER/Desktop/ZZZZZZ/XXXXXX/XXXXXX export CODESIGN_ALLOCATE=/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate export PATH=/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin:/Applications/Xcode.app/Contents/Developer/usr/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbinSigning Identity: iPhone Developer: XXXXXX (XXXXXX)Provisioning Profile: iOS Team Provisioning Profile: com.XXXXXX.XXXXXX (XXXXXX)/usr/bin/codesign --force --sign ZZZZZZ --entitlements /Users/USER/Library/Developer/Xcode/DerivedData/XXXXX-XXXXX/Build/Intermediates/XXXXX.build/Release-iphoneos/XXXXX.build/XXXXX.app.xcent --timestamp=none /Users/USER/Library/Developer/Xcode/DerivedData/XXXXX-XXXXX/Build/Products/Release-iphoneos/XXXXX.appSo, seems like there are limited options
Topic: Programming Languages SubTopic: Swift Tags:
Replies
Boosts
Views
Activity
Dec ’16
codesign framework in xcode8
try every possible solutions provides online but still have encountering the same issue.Signing Identity: - /usr/bin/codesign --force --sign - --timestamp=none /Users/name/Library/Developer/Xcode/DerivedData/-apmvzhzaqwfebxdecjbcwxytdvez/Build/Products/Release-iphonesimulator/.framework/Users/name/Library/Developer/Xcode/DerivedData/apmvzhzaqwfebxdecjbcwxytdvez/Build/Products/Release-iphonesimulator/.framework: bundle format unrecognized, invalid, or unsuitableCommand /usr/bin/codesign failed with exit code 1** BUILD FAILED **The following build commands failed: CodeSign /Users/name/Library/Developer/Xcode/DerivedData/-apmvzhzaqwfebxdecjbcwxytdvez/Build/Products/Release-iphonesimulator/.framework(1 failure)Command /bin/sh failed with exit code 65
Topic: Developer Tools & Services SubTopic: Xcode Tags:
Replies
2
Boosts
0
Views
896
Activity
Jan ’17
signing mac app with Developer ID certificate that includes timestamp
Recent changes to Xcode seem to have all builds including an Archive disabling the timestamp (--timestamp=none) when singing an application. It is expected that one use the Organizer and Export the application from there choosing Export a Developer ID-signed Application. Problem is that when I do so spctl (and Gatekeeper) reject the application:# spctl -a -t exec -vv <hidden>.app <hidden>.app: rejected origin=Developer ID Application: <hidden> INCIt gives no reason. And codesign seems to believe there is no problem:# codesign --verify --strict --verbose <hidden>.app <hidden>.app: valid on disk <hidden>.app: satisfies its Designated RequirementMy application is rather complex; however, previous to Xcode 8? when this all changed my application was being signed correctly during the Archive step. I can find no information about why spctl rejected the app.Is there any way to get additional information why it is failing?Is there a way to force the Archive step t
Topic: Code Signing SubTopic: Certificates, Identifiers & Profiles Tags:
Replies
2
Boosts
0
Views
1.5k
Activity
Jan ’17
Reply to Cannot sign OS X app with Developer ID certificate properly
Thanks a lot, that's exactly what I have. Build and signed on XCode without problem, but when I try to submit to iTuneConnect I got error:ERROR ITMS-90035: Invalid Signature. Code failed to satisfy specified code requirement(s). Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). ....codesign --display --requirements - --verbose=4 myapp.appI saw : TeamIdentifier=not setAfter half day research step onto your solution to check certificate permission and find out that I have `Always trust` set (with idea for CI builds not to promot). Then I change back to system default option (same as all other) and rebuild / sign, I got all signed ok. TeamIdentifier got set and ipa was accepted by iTunesConnet !
Topic: Code Signing SubTopic: General Tags:
Replies
Boosts
Views
Activity
Jan ’17