Hello, I am a new macOS developer. I've been working on my first Mac application and I am trying to notarize it for distribution using notarytool. However, I've encountered a persistent issue where all my submissions are stuck in the "In Progress" status for several days. As this is my first time going through this process, I initially thought I might have done something wrong. However, I have verified my app with codesign --verify --verbose --deep and it returns "valid on disk" and "satisfies its Designated Requirement". I have also tried bumping the version from 0.1.0 to 0.1.1 and removing spaces from the file names, but the new submission is also stuck. Stuck Submission History (Total 4 submissions): ID: 8cb4aebb-e2d5-4091-b279-18272c3a6ca9 (Created: 2026-04-03 - Latest) ID: 0e9a3584-1a21-471a-bc72-4da3f98e2683 (Created: 2026-04-02) ID: 59b70ef1-0b8e-480d-ba33-df872a691610 (Created: 2026-04-01) ID: 685d8fdb-1e55-4cdd-8203-688991c50dd3 (Created: 2026-04-01) As a first-time developer, it’s frustrating to see these initial submissions hang for so long without any logs or errors to troubleshoot. Is there any specific reason why a first-time submission for a new Mac app might be queued this long? I would appreciate it if someone from Apple could help clear these stuck submissions or provide some guidance as to what might be causing this delay. Thank you very much.

Hi everyone, I'm building an app in Xcode 16.4 with a minimum deployment target of iOS 12. The last time I built with this configuration was November 2025 — that build worked perfectly fine. I'm aware that builds from Xcode 16.4 will no longer be accepted by Apple after April 28, 2026, so I decided to push one final update before that deadline. Here's what I did: Built the app with no changes to build settings Uploaded to TestFlight Tested on iOS 12, iOS 26, and a few other versions — everything looked good Passed App Review Published to the App Store Now users on iOS 12 are reporting that the app crashes immediately on launch. Users on iOS 13-26 are unaffected. We've effectively lost a significant portion of our users overnight. We'd really like to restore functionality for them before April 28 — after that we plan to raise the minimum deployment target anyway. There are no crash logs available, as the app appears to never reach application code at all. Below are the relevant logs from Console.app: default 16:33:49.012231+0400 SpringBoard Bootstrapping MY_BUNDLE_ID with intent foreground-interactive error 16:33:49.021533+0400 SpringBoard [MY_BUNDLE_ID] Bootstrap failed with error: <NSError: 0x280f59aa0; domain: BKSProcessErrorDomain; code: 1 (bootstrap-failed); reason: "Failed to start job"> error 16:33:49.021748+0400 SpringBoard Bootstrapping failed for <FBApplicationProcess: 0x101cb4070; MY_BUNDLE_ID; pid: -1> with error: Error Domain=BKSProcessErrorDomain Code=1 "Unable to bootstrap process with bundleID MY_BUNDLE_ID" UserInfo={NSLocalizedDescription=Unable to bootstrap process with bundleID MY_BUNDLE_ID, BKSProcessExitReason=0, NSLocalizedFailureReason=Failed to start job, NSUnderlyingError=0x280f58780 {Error Domain=NSPOSIXErrorDomain Code=3 "No such process" UserInfo={NSLocalizedFailureReason=The process failed to exec, NSLocalizedRecoverySuggestion=Consult /var/log/com.apple.xpc.launchd/launchd.log for more information, NSLocalizedDescription=Unable to get valid task name port right for pid 241}}, BSErrorCodeDescription=bootstrap-failed} default 16:33:49.021934+0400 SpringBoard Adding: <FBApplicationProcess: 0x101cb4070; MY_BUNDLE_ID; pid: -1> default 16:33:49.022111+0400 SpringBoard <FBApplicationProcess: 0x101cb4070; MY_BUNDLE_ID; pid: -1> exited. default 16:33:49.023325+0400 SpringBoard Removing: <FBApplicationProcess: 0x101cb4070; MY_BUNDLE_ID; pid: -1> default 16:33:49.039576+0400 assertiond Submitting new job for "MY_BUNDLE_ID" on behalf of <BKProcess: 0x100d119f0; SpringBoard; com.apple.springboard; pid: 48; agency: SystemShell; visibility: foreground; task: running> default 16:33:49.039982+0400 assertiond Submitted job with label: UIKitApplication:MY_BUNDLE_ID[0xed03][58] error 16:33:49.040128+0400 assertiond Unable to obtain a task name port right for pid 241: (os/kern) failure (0x5) error 16:33:49.040286+0400 assertiond Failed to start job with error <NSError: 0x100c3f180; domain: NSPOSIXErrorDomain; code: 3; reason: "The process failed to exec"> { description = "Unable to get valid task name port right for pid 241"; failureReason = "The process failed to exec"; recoverySuggestion = "Consult /var/log/com.apple.xpc.launchd/launchd.log for more information"; Has anyone encountered this recently? Any help would be greatly appreciated. P.S. I tried rebuilding from scratch without any code changes and uploading a fresh build to TestFlight — but now it won't even launch from TestFlight on iOS 12.

We have an app with the default email entitlement that was granted several years ago. During our latest deployment, we received an error from our pipeline. When testing a manual submission in Xcode, we saw this error: Entitlement com.apple.developer.mail-client not found and could not be included in profile. This likely is not a valid entitlement and should be removed from your entitlements file. We checked the provisioning profile, and the default email entitlement is still present. It is visible on the certificate portal and also in the embedded.mobileprovision file. Can you suggest what we can do to release a new version of our app?

Hi, My first notarization submission has been stuck in "In Progress" for several hours with no status change. I'm wondering if it's being held for in-depth analysis given the nature of the app. The app is a macOS dictation utility triggered by a global hotkey. It captures audio input, transcribes it, and pastes the result at the cursor position in whatever app the user is focused on. Because of how it works, it relies on a combination of APIs that may be less common in typical submissions: continuous microphone access, programmatic clipboard manipulation, global keyboard event monitoring, and Accessibility APIs to inject text into the frontmost application. This is the first submission for this app, so there's no prior notarization history for the system to learn from. Is this the kind of profile that typically triggers in-depth analysis? Is there anything I should check or provide, or is waiting the right move here? Thanks

I have a macOS VPN app with a Network Extension (packet tunnel provider) distributed outside the App Store via Developer ID. Everything works perfectly when running from Xcode. After archiving and exporting for Developer ID distribution, the extension launches but immediately gets killed by nesessionmanager. The error: Signature check failed: code failed to satisfy specified code requirement(s) followed by: started with PID 0 status changed to disconnected, last stop reason Plugin failed What makes this interesting: the extension process does launch. AMFI approves it, taskgated-helper validates the provisioning profile and says allowing entitlement(s) due to provisioning profile, the sandbox is applied, PacketTunnelProvider is created — but then Apple's Security framework internally fails the designated requirement check and nesessionmanager kills the session. Key log sequence: taskgated-helper: Checking profile: Developer ID - MacOS WireGuardExtension taskgated-helper: allowing entitlement(s) for com.xx.xx.WireGuardNetworkExtension due to provisioning profile (isUPP: 1) WireGuardNetworkExtensionMac: AppSandbox request successful WireGuardNetworkExtensionMac: creating principle object: PacketTunnelProvider WireGuardNetworkExtensionMac: Signature check failed: code failed to satisfy specified code requirement(s) nesessionmanager: started with PID 0 error (null) nesessionmanager: status changed to disconnected, last stop reason Plugin failed Setup: macOS 15, Xcode 16 Developer ID Application certificate Manual code signing, Developer ID provisioning profiles with Network Extensions capability Extension in Contents/PlugIns/ (standard appex, not System Extension) Extension entitlement: packet-tunnel-provider-systemextension NSExtensionPointIdentifier: com.apple.networkextension.packet-tunnel codesign --verify --deep --strict PASSES on the exported app Hardened runtime enabled on all targets What I've verified: Both app and extension have matching TeamIdentifier Both are signed with the same Developer ID Application certificate The designated requirement correctly references the cert's OIDs The provisioning profiles are valid and taskgated-helper explicitly approves them No custom signature validation code exists in the extension — the "Signature check failed" comes from Apple's Security framework What I've tried (all produce the same error): Normal Xcode archive + export (Direct Distribution) Manual build + sign script (bypassing Xcode export entirely) Stripping all signatures and re-signing from scratch Different provisioning profiles (freshly generated) Comparison with official WireGuard app: I noticed the official WireGuard macOS app (which works with Developer ID) uses packet-tunnel-provider (without -systemextension suffix) in its entitlements. My app uses packet-tunnel-provider-systemextension. However, I cannot switch to the non-systemextension variant because the provisioning profiles from Apple Developer portal always include the -systemextension variants when "Network Extensions" capability is enabled, and AMFI rejects the mismatch. Questions: Is there a known issue with packet-tunnel-provider-systemextension entitlement + PlugIn-based Network Extension + Developer ID signing? Should the extension be using packet-tunnel-provider (without -systemextension) for Developer ID distribution? If so, how do I get a provisioning profile that allows it? The "Signature check failed" happens after taskgated-helper approves the profile — what additional code requirement check is the NE framework performing, and how can I satisfy it? Any guidance would be appreciated. I've exhausted all signing approaches I can think of.

Hello, At work, we want to release a new version of our cross-platform desktop application this week. Unfortunately, I've had issues getting the dmg signed by the Apple notary service, which will delay the release until it's successful. However, I remade and successfully signed the previously released version (also dmg) with the same credentials, so I know it's not a problem with the file format or my account. I have tried the following to no avail: Lots of Googling Running xcrun notarytool submit with the -v option (verbose) to see more error messages Going to the URL given (appstoreconnect.apple.com/notary/v2/submissions/{submission_id}) and examining the file it downloaded (not much info, let alone helpful info) Contacting Apple developer support over the phone (they couldn't help with this particular issue, since it's "code-level support") The only big change we made this time was switching to Maven for our build tool and dependency management (we previously used Ant with manual dependency management). Does anyone here have any insight? Is there a list of known issues or dependencies that will cause a submission to be invalidated? Or, even better, any way to see why the submission is invalid? Thanks.

In my application I validate the authenticity of my own binaries by checking that the Team Identifier in the code signature matches a predefined value. Currently I do not perform a full signature validation that verifies the certificate chain up to Apple’s root CA. When attempting to do this using SecStaticCodeCheckValidityWithErrors (or validateWithRequirement), the operation sometimes takes several minutes. During that time the calling thread appears blocked, and the system logs show: trustd: [com.apple.securityd:SecError] Malformed anchor records, not an array Because of this delay, I decided to rely only on the Team Identifier. My question is: Can it be assumed that if a Mach-O binary contains a Team Identifier in its code signature, then it must have been signed with a valid Apple Developer certificate? Or are there cases where a binary could contain a Team ID but still not be signed by Apple’s trust chain? Thanks for the help !

All of my notarization submissions have been stuck at "In Progress" for up to 10 days. I have 6 submissions spanning from March 4 to March 11, 2026, and none of them have completed or returned any errors. Affected submissions: dbf20b57-0073-444a-b09a-ac6747b7398e (submitted Mar 4) — In Progress d5886683-be64-455c-805d-cd8b12bbcd35 (submitted Mar 4) — In Progress 10bfa709-da17-49cf-9c89-63f93b5fb756 (submitted Mar 4) — In Progress e8d0866e-43f8-4a18-8129-64e6c5d3895a (submitted Mar 9) — In Progress f9526f25-5650-4c45-98ae-d778c58a2ffa (submitted Mar 9) — In Progress 82ec211f-9179-41fd-afe0-937c9b2c2750 (submitted Mar 11) — In Progress Running `notarytool log` returns "Submission log is not yet available." Team ID: CB4U5M6U9H It is an Electron-based app built with electron-builder. Steps taken to ensure compliance: Signed with a valid Developer ID Application certificate Hardened runtime enabled (hardenedRuntime: true) Proper entitlements configured (com.apple.security.cs.allow-jit, com.apple.security.cs.allow-unsigned-executable-memory, com.apple.security.cs.disable-library-validation) Entitlements inherited for child processes via entitlements.mac.inherit.plist Electron Fuses configured to disable Node.js CLI flags in production (resetAdHocDarwinSignature enabled) App submitted as a zip archive via notarytool submit I've tried resubmitting multiple times across different builds, but all submissions remain stuck. I also have an open support case (102836201208) that was escalated to Senior Advisors on March 11, but have not received any update. Could someone from the notarization team please investigate?

I have an app for iOS already on the AppStore and I'm trying to add a macOS version of it. The AppID prefix for this app is different than my Team ID. This mismatch was always fine for submitting my iOS app. However for some reason, the macOS version gets rejected when I upload it. It tells me the AppID prefix must match my Team ID. I do not control my TeamID and I do not control my AppID prefix, they are both given to me by Apple. Yet the error message tells me they must match. How do I get past this? Here is the error message: Validation failed Invalid code signing entitlements. Your application bundle's signature contains code signing entitlements that aren't supported on macOS. Specifically, the "APPID_PREFIX.MY_BUNDLE_ID" value for the com.apple.application-identifier key in "MY_PACKAGE" isn't supported. This value should be a string that starts with your Team ID, followed by a dot ('"), followed by the bundle ID. (ID: 930b77ae-099f-4798-a14a-2803f2a9be9e) Thanks in advance for any pointer.

I've seen a couple posts on reddit today but wanted to call out here because I think it may be a more widespread issue - I keep getting an error trying to open my iOS app saying "Unable to verify app - An internet connection is required to verify trust of the developer...". I have never gotten this issue before and did not change anything in my build settings from my last successful build of the app to now. The directions it gives me are to go to Settings > General > VPN and Device Management and trust my developer certificate from there, but that doesn't work either. The first time I tried this, the developer certificate wasn't there at all, then I looked at Reddit and saw people recommending to download the developer certificate to solve the issue, but doing this did not fix the error either. Just looking to see if anyone else has encountered this or what the fix might be.

As it has already been reported elsewehere, I also face the problem of endless waiting time for my submissions to be notarized. This prevents me from shipping a new release. A waiting/processing time of multiple days is simply unacceptable. I kindly request to fix this.

Hi, I'm a new Developer ID account holder submitting my first app for notarization. All submissions have been stuck "In Progress" for 72+ hours. Apple System Status has shown all services operational throughout. Team ID: 4L9YA7S99L $ xcrun notarytool history --keychain-profile "blackbox" Successfully received submission history. history -------------------------------------------------- createdDate: 2026-03-09T11:19:41.697Z id: 2c0cdf3d-a3ac-4d86-8eb0-2f601b2d09c5 name: Blackbox-0.2.0.dmg status: In Progress -------------------------------------------------- createdDate: 2026-03-07T18:11:37.660Z id: 5ab09d84-b2e2-4738-9b63-100a7dd46882 name: Blackbox-0.1.0.dmg status: In Progress -------------------------------------------------- createdDate: 2026-03-06T22:47:21.410Z id: 1c90fa3e-c52a-4468-8056-06ff5d7d3752 name: Blackbox-0.1.0.dmg status: In Progress -------------------------------------------------- createdDate: 2026-03-06T22:34:55.803Z id: 4bbd6f77-7ff6-445f-817c-21f9909dfe7a name: Blackbox-0.1.0.dmg status: In Progress -------------------------------------------------- createdDate: 2026-03-06T21:28:26.904Z id: 3c63ed16-be5d-4900-b82d-5df9557a47b4 name: Blackbox-0.1.0.dmg status: In Progress -------------------------------------------------- createdDate: 2026-03-06T21:24:14.558Z id: 76df3f18-57a1-49b7-87e2-3f2bf0e4e6d5 name: Blackbox-0.1.0.dmg status: Invalid The Invalid submission (76df3f18) was error 4000 due to unsigned binaries in a bundled framework. That's been fixed in all subsequent submissions. The app is a small macOS menu bar utility (~2 MB DMG), signed with Developer ID Application certificate, hardened runtime enabled, no restricted entitlements. codesign --verify --deep --strict and spctl --assess --type execute both pass locally. Is there a known processing delay for first-time Developer ID accounts, or could something be stuck on the backend? Thanks for any guidance.

I'm distributing a macOS .pkg installer signed with Developer ID Installer and notarized via notarytool. On macOS 26.3 (Tahoe, Build 25D125), the package is rejected by Gatekeeper when downloaded from the internet. What works: pkgutil --check-signature → signed, Developer ID Installer, full chain (G2 intermediate + Apple Root CA) xcrun stapler validate → "The validate action worked!" xcrun notarytool info <id> → status: Accepted The .app inside the .pkg passes spctl -a -vvv → "accepted, source=Notarized Developer ID" What fails: spctl -a -vvv --type install mypackage.pkg → rejected, origin=Developer ID Installer Raw assessment: assessment:remote = true, assessment:verdict = false Double-clicking the downloaded .pkg shows only "Move to Trash" / "Done" (no "Open" option) syspolicyd log: meetsDeveloperIDLegacyAllowedPolicy = 0 (expected, since the cert is new), but no "notarized" match is logged Certificate details: Developer ID Installer, issued Feb 28, 2026, valid until 2031 OID 1.2.840.113635.100.6.1.14 (Developer ID Installer) — critical OID 1.2.840.113635.100.6.1.33 — timestamp 20260215000000Z Intermediate: Developer ID Certification Authority G2 (OID 1.2.840.113635.100.6.2.6) security verify-cert → certificate verification successful Build process: productbuild --distribution ... --sign <SHA1> (also tried productsign) Both produce: Warning: unable to build chain to self-signed root xcrun notarytool submit → Accepted xcrun stapler staple → worked Workaround: xattr -d com.apple.quarantine ~/Downloads/mypackage.pkg allows opening the installer. Question: Is spctl --type install assessment expected to work differently on macOS 26 Tahoe? The same signing and notarization workflow produces .app bundles that pass Gatekeeper, but .pkg installers are rejected. Is there a new requirement for .pkg distribution on macOS 26? Environment: macOS 26.3 (25D125), Xcode CLT 26.3

Hello We have a pkg installer whose signing certificate is expiring next month. It has a trusted timestamp on it. As per https://developer.apple.com/support/certificates/ it states Developer ID Installer Certificate (Mac applications) If your certificate expires, users can still install packages that were signed with this certificate as long as the package includes a trusted timestamp. Previously installed apps will continue to run. However, new installations won’t be possible until you have re-signed your installer package with a valid Developer ID Installer certificate. If your certificate is revoked, users will no longer be able to install applications that have been signed with this certificate. Wanted to check on behavior for new installations post expiration date. Since the installer has a trusted timestamp we would not need to release a new installer with new cert ?? Any guidance here would be much appreciated.

Le build iOS via EAS échoue systématiquement lors de la phase Xcode. Bien que les capacités Family Controls et App Groups soient activées sur le portail Apple Developer et configurées dans le app.json, les profils de provisionnement générés par EAS sont rejetés par Xcode car ils ne contiendraient pas les droits nécessaires. Configuration du projet : Targets (4) : App principale + 3 extensions (ShieldConfiguration, ShieldAction, ActivityMonitorExtension). Capabilities requises : Family Controls (Development), App Groups. EAS CLI Version : 18.0.6 (et versions antérieures testées). Erreur Xcode récurrente : error: Provisioning profile "[expo] com.*****.*** AdHoc 177230..." doesn't support the Family Controls (Development) capability.. error: Provisioning profile "... AdHoc ..." doesn't include the com.apple.developer.family-controls entitlement.. Ce qui a déjà été tenté (sans succès) : Configuration app.json : Ajout manuel des entitlements pour le bundle principal et configuration du plugin react-native-device-activity. Nettoyage Credentials : Suppression totale des profils et des identifiants sur le site Expo.dev ET sur le portail Apple Developer. +1 Forçage Sync : Utilisation de eas build --clear-cache et réponse "No" à la réutilisation des profils existants. Observation étrange : Le terminal indique souvent ✔ Synced capabilities: No updates, alors que les droits viennent d'être modifiés sur le portail Apple. Sur le portail Apple, les profils affichent pourtant bien "Family Controls (Development)" dans les capacités activées. Je met en piece jointe un des profiles.

Made a notarization request a few hours ago and woke up to check the history and it's no longer available. Not rejected/accepted just not found. I have gone ahead to make another request but I have no confidence because I expect the same thing to happen again. Any guidance? See logs below: daramfon@MacBook-Pro-3 frontend % xcrun notarytool history --apple-id "$APPLE_ID" --password "$APPLE_APP_SPECIFIC_PASSWORD" --team-id "$APPLE_TEAM_ID" Successfully received submission history. history -------------------------------------------------- createdDate: 2026-02-20T23:53:14.066Z id: 6f2fadc0-2e8f-4331-a253-68f81334ebc6 name: Speakeasy AI-0.1.0-arm64.zip status: In Progress -------------------------------------------------- createdDate: 2026-02-20T23:47:12.897Z id: 435aec4f-5356-49a5-898d-48aaafb7949f name: Speakeasy AI.zip status: In Progress -------------------------------------------------- createdDate: 2026-02-20T22:35:23.947Z id: 95896757-873a-4e54-a527-03dc767c9cb5 name: Speakeasy AI.zip status: In Progress daramfon@MacBook-Pro-3 frontend % xcrun notarytool history --apple-id "$APPLE_ID" --password "$APPLE_APP_SPECIFIC_PASSWORD" --team-id "$APPLE_TEAM_ID" No submission history. daramfon@MacBook-Pro-3 frontend % xcrun notarytool info 6f2fadc0-2e8f-4331-a253-68f81334ebc6 --apple-id "$APPLE_ID" --password "$APPLE_APP_SPECIFIC_PASSWORD" --team-id "$APPLE_TEAM_ID" Submission does not exist or does not belong to your team. id: 6f2fadc0-2e8f-4331-a253-68f81334ebc6

On our public Apple account we have distribution certificates that work for all Apple platforms. On our Enterprise account it will only generate iOS distribution certificates. Apple support did not provide any concrete solutions, only pointing us to the general docs. Any suggestions?

How do you renew a "Developer ID Application" certificate? Should there be a "renew" button on the expiration date? Or can you renew it sooner? Or are you required to create a new certificate? Does this count against your limit of five Developer ID Application certificates? I thought there was a way to renew it, but I don't see that option. I also couldn't find any Apple documentation about how to renew, only how to create and how there's a limit to how many you can create.

I am curious as to know if i calculate the checksum of an ipa file and upload the same to app store, and then after installing the app on my device, if i extract the ipa file and compare the checksum will it match? or will it vary from device to device, because of bitcode and app thinning slicing? Some banks have been showing ipa file checksums on their websites, and even inside their apps and showing messages like checksum matches! i was just curious as to know how would one go about validating this!? Or is this even possible, what about the checksum of the executable at runtime? Can we check this? will it match?

Hi everyone, I am struggling with a persistent issue regarding my Developer Program membership and Xcode syncing. Even though the Apple Developer Portal shows that my developer license is active and I have full access to App Store Connect, it is unfortunately not possible to sign applications with this account. It behaves as if the license wasn't active. The Symptoms: -Portal status: Active (Account Holder/Admin), -Xcode Settings: When I navigate to Settings > Accounts and select my team, there is a Red X displayed next to "Certificates, Identifiers & Profiles.", Xcode suggests there is an issue accessing these resources and I cannot sign any binaries. Confirmed the membership is active in the web portal. Everything seems configured correctly on the web side, but the account simply doesn't work locally in Xcode. Has anyone faced this specific "Red X" issue despite a valid membership? Is there a specific cache I need to clear or a way to force Xcode to re-fetch the correct status? Any advice on how to resolve this loop would be greatly appreciated. Thanks! :)