I'm facing an issue with revoking an iOS Development certificate in the Apple Developer Console. The certificate is in "Pending Approval" status, and when I attempt to revoke it, I receive the following error: "The specified resource does not exist. There is no certificate with ID 'XXXXXXXXX' on this team." Despite this error, the certificate still appears in my list, and the only available action remains "Revoke." Steps I've tried so far: Refreshed the page and cleared the browser cache Logged out and back into my Developer account Tried using different browsers (Safari, Chrome) Checked Xcode > Preferences > Accounts for certificate status Contacting Apple Support (Not response since over 3 weeks) Additional Info: The certificate type is iOS Development, not Distribution. The status has been "Pending Approval" since creation.

I am developing and distributing an XCFramework, and I want to ensure that it remains valid for as long as possible. I have some questions regarding certificate expiration and revocation: I understand that if an XCFramework is signed with a timestamp, it remains valid even after the signing certificate expires. However, if the signing certificate is revoked, the XCFramework immediately becomes unusable. As far as I know, Apple allows a maximum of two active distribution certificates at the same time. I assume that once a certificate expires, it will eventually need to be revoked in order to issue a third certificate. Is this correct? If an expired certificate is later revoked, will the XCFrameworks signed with that certificate also become invalid, even though they were timestamped? I want to ensure that released XCFrameworks remain valid for as long as possible. What is the best approach to achieve this? If anyone has insights or official documentation references on how to manage signing certificates for long-term XCFramework validity, I would appreciate your guidance. Thank you!

I'm using libxpc in a C server and Swift client. I set up a code-signing requirement in the server using xpc_connection_set_peer_code_signing_requirement(). However, when the client doesn't meet the requirement, the server just closes the connection, and I get XPC_ERROR_CONNECTION_INTERRUPTED on the client side instead of XPC_ERROR_PEER_CODE_SIGNING_REQUIREMENT, making debugging harder. What I want: To receive XPC_ERROR_PEER_CODE_SIGNING_REQUIREMENT on the client when code-signing fails, for better debugging. What I’ve tried: Using xpc_connection_set_peer_code_signing_requirement(), but it causes the connection to be dropped immediately. Questions: Why does the server close the connection without sending the expected error? How can I receive the correct error on the client side? Are there any other methods for debugging code-signing failures with libxpc? Thanks for any insights!

After I upgraded to macOS 15.3, all of my current Xcode project have the signing issue, I spent half day and I didn't make any progress, I tried two projects, one is Swift AppKit App calling one C++ dylib, another one is a pure Swift AppKit app, when I build, there will be error: Warning: unable to build chain to self-signed root for signer "Apple Development: Steven Tang (XXXXX)" /Volumes/TwoTSSD/steventang/Library/Developer/Xcode/DerivedData/ImageEnhancement-ddbilgyraofrdyfeljyuknusunza/Build/Products/Release/ImageEnhancement.app: errSecInternalComponent I tried remove account, add account back in Xcode, none of it worked, also tried ChatGPT's WWDR updating and it won't help.

I have created a XPC server and client using C APIs. I want to ensure that I trust the client, so I want to have a codesigning requirement on the server side, something like - xpc_connection_set_peer_code_signing_requirement(listener, "anchor apple generic and certificate leaf[subject.OU] = \"1234567\"") This checks if the client code was signed by a code-signing-identity issued by Apple and that the teamID in the leaf certificate is 1234567. My questions are- Is using teamID as a signing requirement enough? What else can I add to this requirement to make it more secure? How does xpc_connection_set_peer_code_signing_requirement work internally? Does it do any cryptographic operations to verify the clients signature or does it simply do string matching on the teamID? Is there a way actually verify the clients signature(cryptographically) before establishing a connection with the server? (so we know the client is who he claims to be)

How do I replace an Apple Developer ID Certificate that indicates it is not trusted? When I look at my Certificate Expiring 02-20-2025, I see a valid status displayed. (See annotation #1.) However, when I look at my Apple Developer ID Certificate renewal, I see the words not trusted. (See annotation #2.) I downloaded the renewal certificate and double double-clicked the downloaded item to place it in my KeyChain. This certificate period is from 01-21-2025 to 01-22-2030. QUESTIONS Why does the renewal certificate say "certificate is not trusted"? (Its period is 01-21-2025 to 01-22-2030. Today is 01-27-2025.) How did the renewal certificate get damaged? What must I do to get the damaged certificate replaced with a valid one?

Hello, first of all thanks for reading my post. I am having a trouble about Signing & Capabilities part on Xcode during few days. Hope someone knows how to deal with this. I created a Apple Development certificate with CSR on my MacOS through KeyChain but the Team ID(VC78G4S77J) on this certificate is different with my real Team ID(FYF9AT8ZA8) logged in. I don't even know where this 'VC78G4S77J' came from. Also I created the identifier, bundle ID, device and profile but they were all created with 'FYF9AT8ZA8'. So here is the problem. On Xcode Signing & Capabilities section, I selected Team and put Bundle Identifier connected with 'FYF9AT8ZA8' but Signing Certificate is shown as 'Apple Development: My ID (VC78G4S77J). Therefore when I build iOS simulator on Xcode or VScode, there is error 'No signing certificate "iOS Development" found: No "iOS Development" signing certificate matching team ID "FYF9AT8ZA8" with a private key was found.' If I try turn off 'Automatically manage signing' and select provisioning profile I created, Xcode said my profile does not include VC78G4S77J certificate, because my profile has FYF9AT8ZA8 certificate. Importing profile file is not helpful also. I think, first delete the all VC78G4S77J certificate in KeyChain and recreate FYF9AT8ZA8 certificate through KeyChain/CSR, however again VC78G4S77J certicate was created when I created on 'developer.apple.com'. I truly have no idea where did VC78G4S77J come from. Please let me solve this issue.. Warm regards.

When connected to the company's internal network without accessing the Internet, can an IPA installation package be generated if the certificate files are imported in advance?

I am attempting to sign a *.pkg for distribution but I get "Could not find appropriate signing identity for 'Developer ID Application: CompanyName'. I'm calling this command to sign: productsign --sign 'Developer ID Application: CompanyName' "unsigned.pkg" "signed.pkg" I've downloaded the WWDR Intermediates, when I go through Keychain Access > Certificate Assistant > Evaluate on the cert and select "Code Signing" I get "Evaluation Status: Success" and "Certificate Status: Good". Additionally my certificate shows up as valid in my keychain. I'm at a loss for what is going on.

Hi there, our team is facing a problem distributing our app archive to TestFlight. When we try to do so through the Product > Archive option, we get a generic Xcode Archive error message, stating that we can’t distribute or validate it. This issue has been persistent for a few days now, and we’ve been unable to resolve it. We’ve reviewed the documentation (e.g., TN3110, TN3109) to ensure that we’ve set the “Skip Install” option to “No” and the Installation Directory to $(LOCAL_APPS_DIR). However, these changes haven’t made any difference. Another complication is that we’re using our team member’s developer account to distribute the app. As a result, we’ve encountered code signing issues with their credentials on our own devices. Despite our efforts, we’ve been unable to log in to their account. We would greatly appreciate any assistance you can provide in resolving this issue. Thank you for your attention to this matter.

Hi (from France) I have a MacOS application which handles the App Store receipt by requesting at the url "https://buy.itunes.apple.com/verifyReceipt". From the response, I can know what are the inApps bought by the user and that suits for me. I don't know if if I must change something in my code accordingly to this TN3118. Does someone knows the response ? Best regards.

Hi, our team is facing a problem distributing our app archive to TestFlight. When we try to do so through the Product > Archive option, we get a generic Xcode Archive error message, stating that we can’t distribute or validate it. This issue has been persistent for a few days now, and we’ve been unable to resolve it. We’ve reviewed the documentation (e.g., TN3110, TN3109) to ensure that we’ve set the “Skip Install” option to “No” and the Installation Directory to $(LOCAL_APPS_DIR). However, these changes haven’t made any difference. Another complication is that we’re using our team member’s developer account to distribute the app. As a result, we’ve encountered code signing issues with their credentials on our own devices. Despite our efforts, we’ve been unable to log in to their account. We would greatly appreciate any assistance you can provide in resolving this issue. Thank you for your attention to this matter.

Hi all, I got the email saying my certificate(s) will be expiring in 30 days. I can view my certificates (distribution, distribution managed, and 2x developments) on my account page. The distribution expires in 30 days (4/20/2023) The distribution managed expires in 6 months Development #1 (under my name) expires in 30 days (4/20/2023) Development #2 (also under my name) expires in 2 months (5/26/2023) However, I don't see any way to renew them. I have read other posts that talk about 'edit' or 'generate' buttons, but I don't see that and I presume those posts are just out of date. When I look in my xcode project, I see that I am using 'automatically manage singing'. Xcode also shows that a provisioning profile is expiring in 2 months. I presume that is something different? It has the same expiration date as my development #2 certificate (5/26/2023). It's also unclear what is going to happen when these certificates expire. I read that devices running builds with the expired distribution cert will stop working. Is that just for internal builds downloaded from something like Test Flight? Will live builds, downloaded by actual players from the AppStore, stop working if I don't push a release with a new cert in the next month? I am the one that set this all up and 'maintains' it, but I don't engage with it often enough to remember the bits and bobs. My apologies for all the newbie questions. Thank you for your assistance

I received this email and i cannot for the life of me figure out how to renew a distritbution certificate and create a request for signature certificate. This is all so confusing and not easy to follow at all. Please help, my distribution certificates expires on October 27th. Dear Daniel, Your Distribution Certificate will no longer be valid in 30 days. To generate a new certificate, sign in and visit Certificates, Identifiers & Profiles. Certificate: Distribution Team ID: M96UCKJQHT To learn more about expired certificates, visit the certificates support page. Best regards, Apple Developer Relations

I received an email saying this: Your iOS Distribution Certificate will no longer be valid in 30 days. To generate a new certificate, sign in and visit Certificates, Identifiers & Profiles. If I don't correct that situation, what will be the consequences for my apps' users? The Apple documentation is vague on this, because they seem to automatically assume that I plan to comply and renew the cert. However I don't own a Mac at present, nor an iOS device. My apps are monetarily free, so no financial incentive exists to buy either. If I don't renew the distribution cert again (maybe by borrowing a Mac), will my apps' existing users be adversely affected? FWIW, my apps don't support iCloud in any way. I would also note that the "Certificates, Identifiers & Profiles" section isn't visible anywhere; I'm using Firefox.

Hello there, Apologies for this most basic question!. We have an iOS application and no developers left to work on it. That is fine as we are not planning on making any changes to the app for a long time, however, we have just received an email stating that our "iOS Distribution Certificate" is due to expire soon. We have looked through the documentation but it is very technical. Firstly, what I am trying to understand is: The only options we have under "Certificates, Identifiers & Profiles" on the Apple Developer web site are "Download" and "Revoke". Do we have to "Revoke" the certificate before creating a new one? If so, won't this stop the released app from working? Is it possible to just re-create the certificates from the Apple Developer web site without re-releasing the iOS app? Or do you have to sign the app with the new certificates in XCode and re-release it? Many thanks!

Hello, I've developed an application using Electron with Javacript. I have managed to deploy to both Windows and the web but having trouble deploying the application to my Mac users. It's my first time deploying an application for Mac but feel like I'm stuck at the last hurdle and out of ideas so I'm reaching out for help. My application is successfully signing but during the build and when my Notarize.js is running it seems to get stuck indefinitely. I can check and see the status of the Notarize attempts but they seem to be stuck "In Progress". Here are the logs. Successfully received submission history. history -------------------------------------------------- createdDate: 2025-01-06T00:59:45.245Z id: 1dc39b5f-fdca-4bf2-a6f6-fa793de2786e name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-04T08:01:36.168Z id: c575b015-edd6-4e09-8da5-7ae09f4f67db name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-03T08:30:31.528Z id: 570ae540-8cce-4418-ab09-7f6be33dc245 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-03T07:57:56.701Z id: 42748de8-026a-4663-9fd2-88c7608588d3 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-03T06:30:19.569Z id: 5140caa0-df14-491a-b148-82015f9856da name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-03T05:56:28.916Z id: 535c6be1-4999-4b3e-9766-42512a8deb67 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-03T02:51:04.893Z id: ead2268c-62b2-4b4b-8850-c1cdb5313d6a name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-03T01:50:51.954Z id: d0c44281-a788-4704-a057-4620d284516d name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-03T00:48:54.445Z id: 3d13727c-06a3-49d7-902b-4001522107c3 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-02T13:35:26.715Z id: 1823a550-a9ff-467a-8a60-dd3e42305258 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-02T13:23:41.894Z id: cbc341a2-9a51-43d6-83ae-713443c84fec name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T12:21:44.561Z id: 1af34419-655f-49b8-bea0-05b4232c46a7 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-02T11:34:03.732Z id: 8c4ab3b5-2ea9-4220-9667-94011bcf76fb name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T11:19:16.052Z id: 093dfb8a-9058-417d-acd3-8ea5d0bb654a name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T11:13:14.676Z id: 556b7c1c-d114-4717-b0f7-4f1614ada845 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T10:52:36.834Z id: ce3d3c8a-d218-4978-8757-2ca9d12aad76 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T09:27:13.535Z id: b65ec764-baab-444d-809b-e4242d70548b name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T09:27:01.176Z id: be228acc-e6a2-48f2-937b-5b2962275052 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T09:19:19.182Z id: d99fc10b-c424-4d0c-a2aa-37a9e9165d91 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-02T08:55:43.064Z id: 2e7f8df7-9c0b-4dd0-8df7-8f3428c0bfa0 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T08:19:48.676Z id: 678355da-e413-4b1a-92a8-776a6ff6a055 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T07:58:48.278Z id: 8591f8d7-1d57-4e80-af90-d77190160a20 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T07:54:41.193Z id: f029dfeb-3f14-4f65-83e2-d9356ef6ac00 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T07:27:50.613Z id: 574f2563-d533-4885-947a-2f57170196af name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T07:09:54.203Z id: 589f7f3a-d231-4911-8ad6-9d2c15a61ac0 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T05:39:02.574Z id: 9edd43de-6d14-4743-87fc-ab570bee7399 name: Popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T04:36:12.342Z id: ba02116d-1aad-4521-8667-ad086b14c1cb name: Popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T03:22:49.185Z id: b8585c81-b7f5-4c35-9bd6-62157c6ce4bc name: Popcorn.zip status: In Progress

Hello, I've developed an application using Electron with JAVACRIPT. I have managed to deploy to both Windows and the web but having trouble deploying the application to my Mac users. It's my first time deploying an application for Mac but feel like I'm stuck at the last hurdle and out of ideas so I'm reaching out for help. My application is successfully signing but during the build and when my Notarize.js is running it seems to get stuck indefinitely. I can check and see the status of the Notarize attempts but they seem to be stuck "In Progress". Here are the logs. Successfully received submission history. history -------------------------------------------------- createdDate: 2025-01-06T00:59:45.245Z id: 1dc39b5f-fdca-4bf2-a6f6-fa793de2786e name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-04T08:01:36.168Z id: c575b015-edd6-4e09-8da5-7ae09f4f67db name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-03T08:30:31.528Z id: 570ae540-8cce-4418-ab09-7f6be33dc245 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-03T07:57:56.701Z id: 42748de8-026a-4663-9fd2-88c7608588d3 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-03T06:30:19.569Z id: 5140caa0-df14-491a-b148-82015f9856da name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-03T05:56:28.916Z id: 535c6be1-4999-4b3e-9766-42512a8deb67 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-03T02:51:04.893Z id: ead2268c-62b2-4b4b-8850-c1cdb5313d6a name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-03T01:50:51.954Z id: d0c44281-a788-4704-a057-4620d284516d name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-03T00:48:54.445Z id: 3d13727c-06a3-49d7-902b-4001522107c3 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-02T13:35:26.715Z id: 1823a550-a9ff-467a-8a60-dd3e42305258 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-02T13:23:41.894Z id: cbc341a2-9a51-43d6-83ae-713443c84fec name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T12:21:44.561Z id: 1af34419-655f-49b8-bea0-05b4232c46a7 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-02T11:34:03.732Z id: 8c4ab3b5-2ea9-4220-9667-94011bcf76fb name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T11:19:16.052Z id: 093dfb8a-9058-417d-acd3-8ea5d0bb654a name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T11:13:14.676Z id: 556b7c1c-d114-4717-b0f7-4f1614ada845 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T10:52:36.834Z id: ce3d3c8a-d218-4978-8757-2ca9d12aad76 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T09:27:13.535Z id: b65ec764-baab-444d-809b-e4242d70548b name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T09:27:01.176Z id: be228acc-e6a2-48f2-937b-5b2962275052 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T09:19:19.182Z id: d99fc10b-c424-4d0c-a2aa-37a9e9165d91 name: Popcorn-1.0.0.dmg status: In Progress -------------------------------------------------- createdDate: 2025-01-02T08:55:43.064Z id: 2e7f8df7-9c0b-4dd0-8df7-8f3428c0bfa0 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T08:19:48.676Z id: 678355da-e413-4b1a-92a8-776a6ff6a055 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T07:58:48.278Z id: 8591f8d7-1d57-4e80-af90-d77190160a20 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T07:54:41.193Z id: f029dfeb-3f14-4f65-83e2-d9356ef6ac00 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T07:27:50.613Z id: 574f2563-d533-4885-947a-2f57170196af name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T07:09:54.203Z id: 589f7f3a-d231-4911-8ad6-9d2c15a61ac0 name: popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T05:39:02.574Z id: 9edd43de-6d14-4743-87fc-ab570bee7399 name: Popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T04:36:12.342Z id: ba02116d-1aad-4521-8667-ad086b14c1cb name: Popcorn.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-02T03:22:49.185Z id: b8585c81-b7f5-4c35-9bd6-62157c6ce4bc name: Popcorn.zip status: In Progress

I have received email about your development certificate has been revoked, but couldn't identify who did that, due to this revocation one of our enterprise application stopped working. So posting here to seek some suggestion on following 1.) Identification of Revoking Party: Though I have already raised a support ticket to Apple still waiting for their reply. Is it possible for Apple to send logs or account activity logs that from which account or who did the revocation? 2.) How much does Apple take to reply to the support tickets. 3.) No one else received email in my development team. Is it because the certificate which I created is revoked that's the reason only I have received email? 4.) May I know what are the other scenarios that certificate can be revoked other than a human error? 5.) Is there a way for us to internally monitor activity within our developer account, such as identifying who has been actively logged in and updating certificates?

After not happening to me for a few months, this issue has started hitting me again with currently %100 reproducability. If turn on VPN on my Mac then instantly the developer certificates within the keychain become untrusted. But that's not all, if VPN is then turned off the certificates do not revert to their trusted status but remain untrusted. The consequence of this is that if VPN is turned on and then a build is perform, it fails, and the only way to fix things is to delete the cert(s) from they keychain and re-install them. As a remote worker, having this happen several or even dozens of times a day is incredibly annoying and frustrating. This issue has been occurring for literally years, sometimes it occurs very often, others while its quiet for a while, and has spanned multiple versions of Xcode and Mac OS. So whatever the cause is its endemic. It doesn't just affect myself, but all the members in my development team. I'm currently using Xcode 14.1 RC 2 and Monterey but I've seen this issue occur with many versions of Xcode and Mac. (I'm using Cisco AnyConnect Secure Mobility Client). If the VPN is somehow interfering/affecting the connectivity aspect when an attempt is made by Xcode to validate the certificate, then why does it not rectify itself after turning off VPN? This is so so so so annoying. Can somebody please comment on why this happens and if there's a way to prevent it.