I joined the Apple Developer Program using my existing Apple ID, the account identifier changed but when I create a new certificate in the developer portal the certificate has the old identifier. (i.e when installed in my keychain) I have revoked and recreated my certificates, profiles and identifiers, cleared derived data, deleted certificates in keychain many times without any success. When I build my iOS App and run it on my iOS 14 Max Pro directly connected to my Mac Mini I get the error: Command CodeSign failed with a nonzero exit code. Am I missing something? Please help. Thanks.

Hi, I have developed a MacOS app I'd like to distribute outside app store. I am an indie developer, there is no company, just me. If I disable gatekeeper, app installs and runs fine. But to distribute, it seems I now have to sign the app (notarise etc) - which means joining Apple Developer Program and paying $99 p.a. for the pleasure. But before I sign up, I wanted to check what will be shown on the certificate? I'd prefer not to show my (fairly unique) name/surname for privacy reasons. Will I be able to specify CN etc for the certificate or am I doomed to publicise my name with the app? Thanks

If I understand correctly, Apple Distribution certificate type aims to replace the separate platform-specific certificate types. (Please don't jump me, I know this is a very simplified way to put it :D) I am 100% sure Apple Distribution certificate can be used instead of a "Mac App Distribution" certificate, but I'm not sure whether the same is true for installers, namely the "Mac Installer Distribution" certificate. I have read eskimo's great articles on packaging (https://developer.apple.com/forums/thread/701581) and signing (https://developer.apple.com/forums/thread/128166) but I have not seen a definite answer to this question in those. Our command line builds started to fail with a 'no certificate of type Mac Installer Distribution is found' without any actual apparent change to the build process, so I'm just trying to understand this certificate type better. I see no sign of this certificate ever having existed in developer.apple.com under Certificates tab. We use the xcodebuild -exportArchive command with an -exportOptionsPlist that has the following content: <dict> <key>[redacted]</key> <string>[redacted]</string> <key>[redacted]</key> <string>[redacted]</string> </dict> <key>installerSigningCertificate</key> <string>3rd Party Mac Developer Installer</string> <key>signingCertificate</key> <string>Mac App Distribution</string> and this has not changed at all either between the last successful build and the failing ones. I listed the existing code signing identities with security find-identity -p codesigning and only an Apple Distribution certificate shows up, not Mac Installer Distribution certificate.

Hi, After spending two months trying to launch this app I decided to start from scratch, and regenerate everything from code signing requests, certs, apps, appIDs, App Store entries, EVERYTHING, and at the end of all of it, I get exactly the same problem I've had for months: "Invalid Provisioning Profile. The provisioning profile included in the bundle com.chiltonwebb.secretprojectname [com.chiltonwebb.secretprojectname.pkg/Payload/secretprojectname.app] is invalid. [Invalid 'com.apple.application-identifier' entitlement value.] For more information, visit the macOS Developer Portal. (ID: 723cede2-3c9f-4069-b4fa-581ebd3468b9)" I'm tired of guessing. I've tried everything I can find in these forums. What is the official way to diagnose this problem? -Chilton

I have created Apple Development Signing Certificate for my macbook-air device with my developer account email here and when i export the certificate to view details but I found this then, How can I convert it to human readable language or any other better than this to see its content?

I want to sign xml file using enveloped signature approach in swift. The example original xml file could be like below <?xml version="1.0" encoding="ISO-8859-1"?> <Envelope xmlns="http://example.org/envelope"> <Body> Olá mundo </Body> </Envelope> After signature, the xml file would be like this <?xml version="1.0" encoding="ISO-8859-1"?> <Envelope xmlns="http://example.org/envelope"> <Body> Olá mundo </Body> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <Reference URI=""> <Transforms> <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <DigestValue>????</DigestValue> </Reference> </SignedInfo> <SignatureValue>????</SignatureValue> <KeyInfo> <KeyValue> <RSAKeyValue>????</RSAKeyValue> </KeyValue> </KeyInfo> </Signature> </Envelope> Here the steps are encrypt using sha1WithRSAEncryption signature algorithm (rsa-sha1), which uses the SHA-1 message digest algorithm and RSA PKCS#1v1.5 to create the signature. Get the digest value using SHA-1 Canonicalization will be according to Canonical XML Version 1.0 or c14n rules. Is there any library in swift or objective c which i can use for this purpose? I am currently using AEXML to parse, read and write xml file. But for canonical conversion and other steps stated above which library i can use? For Your reference in C#, Cryptography.Xml provides all those functionalities. The below code in C# do the signing part of XML. SignedXml signedXml = new SignedXml(xmlDocument); signedXml.SigningKey = certificate.PrivateKey; Reference reference = new Reference(); reference.Uri = ""; //"#" + procedureSerial; reference.Type = reason; reference.Id = DateTime.UtcNow.Ticks.ToString(); // Add an enveloped transformation to the reference. XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(true); reference.AddTransform(env); // Add the reference to the SignedXml object. signedXml.AddReference(reference); //canonicalize XmlDsigC14NTransform c14t = new XmlDsigC14NTransform(); reference.AddTransform(c14t); KeyInfo keyInfo = new KeyInfo(); KeyInfoX509Data keyInfoData = new KeyInfoX509Data(certificate); KeyInfoName kin = new KeyInfoName(); kin.Value = certificate.FriendlyName; RSA rsa = (RSA)certificate.PublicKey.Key; RSAKeyValue rkv = new RSAKeyValue(rsa); keyInfo.AddClause(rkv); keyInfo.AddClause(kin); keyInfo.AddClause(keyInfoData); signedXml.KeyInfo = keyInfo; // Compute the signature. signedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement xmlDigitalSignature = signedXml.GetXml(); xmlDocument.DocumentElement.AppendChild( xmlDocument.ImportNode(xmlDigitalSignature, true) ); I want to do same functionalities using swift or objective C to sign xml file in MacOS. Could you please suggest any library regarding this?

I'm creating macos frameworks and ios xcframeworks using xcode 13.1 In my python script I do the following: codesign --sign "My Company" "full path to my framework" codesign -dv --verbose=4 "full path to my framework" This results in something like the following: Executable=/Info.plist Identifier= Format=bundle CodeDirectory v=20100 size=194 flags=0x0(none) hashes=1+3 location=embedded Hash type=sha256 size=32 CandidateCDHash sha1=e8178a1c065d50b0c056ac1d28a00b32f5233cfa CandidateCDHashFull sha1=e8178a1c065d50b0c056ac1d28a00b32f5233cfa CandidateCDHash sha256=a09d875a205267dbae768f5432c2eb6971d79a33 CandidateCDHashFull sha256=a09d875a205267dbae768f5432c2eb6971d79a33744005c715fe2388c9e91a5c Hash choices=sha1,sha256 CMSDigest=3aa96ec9a8a5d6b761fa80050907acd77cfd23019c338d6e7e6bbb89de08daf5 CMSDigestType=2 Page size=none CDHash=a09d875a205267dbae768f5432c2eb6971d79a33 Signature size=6940 Authority= Authority=Sectigo Public Code Signing CA R36 Authority=Sectigo Public Code Signing Root R46 Authority=AAA Certificate Services Signed Time=Oct 19, 2023 at 9:40:08 PM Info.plist entries=3 TeamIdentifier=not set Sealed Resources version=2 rules=10 files=5 Internal requirements count=1 size=96 Success: codesign verification succeeded. However, when trying to use this framework in Xcode 15, we are getting the error: "The signature of "My Library" cannot be found"

To support an older version of an iOS app, I needed to install Mojave with Xcode 9. I create a CSR and from there generate an iOS Distribution certificate online, which I download and double click to install in Keychain. However, when viewing in Keychain, it shows in red "iPhone Distribution: CompanyName certificate is not trusted". I'm not sure what I'm doing wrong as I follow the instructions to the T and have done this in the past with success. NOTE: I tried this with Sierra as well and got the same issue. It only seems to work on Catalina, which doesn't help me because I need an older version of Xcode.

Dear Sirs, I've written a Swift App, a C++ application and a Driver Extension using DriverKit and AudioDriverKit. As it works on my development machine now I'd like to give it to some other users and so I'm trying to make a Release Build. I've created a Signing Certificate for "Apple Distribution" which I can use for my Swift App and the C++ application which also both use "com.apple.developer.driverkit.userclient-access". I've been given this entitlement and the "Distribution Support" is for "Development, Ad hoc, App Store, Developer ID". For my Driver Extension I'm using the entitlements "com.apple.developer.driverkit" and "com.apple.developer.driverkit.family.audio" which I've also been given and which show the identical "Distribution Support". But when I try to use my Signing Certificate XCode refuses to use the provisioning profile for the Dext and says "Xcode 14 and later requires a DriverKit development profile enabled for iOS and macOS. Visit the developer website to create or download a DriverKit profile." On the other hand I have to use the same Signing Certificate for my Swift App that embeds the Dext and the Dext itself. How can I create a Signing Certificate for Release mode that works for both, the Swift App and the Dext? Thanks and best regards, Johannes

If I make a certsigningrequest to get a certificate in the developer account, it is not uploaded , i uploaded it but does not appeared it , can you help me ?

When I want to create ios development / distribution certificate it show error. The operation couldn’t be completed. (OSStatus error -2147416032.)

Hi there, Currently having some issues debugging on a physical device. I am running a flutter app, and have a provisioning profile provided by our client company that is not expired and has worked up until recently just fine with physical devices. Running the app on a simulator works okay as well. However, all of the sudden the app will not run on a physical device. The build succeeds fine, but then I receive the error "Unable to install runner: A valid provisioning profile for this executable was not found". I have opened devices and simulators and tried to install the provisioning profile on the device, but get the error "Failed to install one or more provisioning profiles on the device: Please ensure the provisioning profile is configured for this device. If not, please try to generate a new profile." I don't know why this error appears, because I have used this exact profile on this device many times before. I'm hesitant to contact the client to receive a new provisioning profile because it is not easy to do, and again this one has worked fine until now. Does anyone have any ideas? Thanks!

I'm trying to sign a Mac app created with Unreal Engine. The signing process is manual using codesign. For some reason I'm having a crash on the app when adding certain entitlements that are necessary to the entitlements.plist file before signing. The crash looks like this: Exception Type: EXC_CRASH (SIGKILL (Code Signature Invalid)) Exception Codes: 0x0000000000000000, 0x0000000000000000 Termination Reason: CODESIGNING 1 Taskgated Invalid Signature Here's the crash full report: Full Report {"app_name":"Decoherence-Mac-Shipping","timestamp":"2023-10-11 08:49:18.00 -0500","app_version":"0.0.483","slice_uuid":"ad91922a-cea7-31bf-ba11-4984e24e77cc","build_version":"0.0.483","platform":0,"bundleID":"com.efectostudios.DecoherenceMac","share_with_app_devs":0,"is_first_party":0,"bug_type":"309","os_version":"macOS 13.2.1 (22D68)","roots_installed":0,"name":"Decoherence-Mac-Shipping","incident_id":"61D76BED-A68D-4535-AF3A-78BF60347328"} { "uptime" : 5500, "procRole" : "Default", "version" : 2, "userID" : 501, "deployVersion" : 210, "modelCode" : "iMac19,1", "coalitionID" : 2112, "osVersion" : { "train" : "macOS 13.2.1", "build" : "22D68", "releaseType" : "User" }, "captureTime" : "2023-10-11 08:49:17.3326 -0500", "incident" : "61D76BED-A68D-4535-AF3A-78BF60347328", "pid" : 15082, "cpuType" : "X86-64", "roots_installed" : 0, "bug_type" : "309", "procLaunch" : "2023-10-11 08:49:16.7724 -0500", "procStartAbsTime" : 5576178496866, "procExitAbsTime" : 5576738153681, "procName" : "Decoherence-Mac-Shipping", "procPath" : "/Users/Shared/*/DecoherenceTemp copy.app/Contents/MacOS/Decoherence-Mac-Shipping", "bundleInfo" : {"CFBundleShortVersionString":"0.0.483","CFBundleVersion":"0.0.483","CFBundleIdentifier":"com.efectostudios.DecoherenceMac"}, "storeInfo" : {"deviceIdentifierForVendor":"E8644E4C-3DF3-5239-897E-0A6D4BAFD5BD","thirdParty":true}, "parentProc" : "launchd", "parentPid" : 1, "coalitionName" : "com.efectostudios.DecoherenceMac", "crashReporterKey" : "7D9F74A0-44A0-D390-8EC8-6721FAB5FDF6", "throttleTimeout" : 2147483647, "wakeTime" : 1328, "sleepWakeUUID" : "014C6A54-479A-450B-94E2-5F9C7E6630D5", "sip" : "disabled", "exception" : {"codes":"0x0000000000000000, 0x0000000000000000","rawCodes":[0,0],"type":"EXC_CRASH","signal":"SIGKILL (Code Signature Invalid)"}, "termination" : {"flags":66,"code":1,"namespace":"CODESIGNING","indicator":"Taskgated Invalid Signature"}, "extMods" : {"caller":{"thread_create":0,"thread_set_state":0,"task_for_pid":0},"system":{"thread_create":0,"thread_set_state":0,"task_for_pid":2262},"targeted":{"thread_create":0,"thread_set_state":0,"task_for_pid":0},"warnings":0}, "faultingThread" : 0, "threads" : [{"triggered":true,"id":78216,"threadState":{"r13":{"value":0},"rax":{"value":0},"rflags":{"value":512},"cpu":{"value":0},"r14":{"value":0},"rsi":{"value":0},"r8":{"value":0},"cr2":{"value":0},"rdx":{"value":0},"r10":{"value":0},"r9":{"value":0},"r15":{"value":0},"rbx":{"value":0},"trap":{"value":0},"err":{"value":0},"r11":{"value":0},"rip":{"value":4597456624,"matchesCrashFrame":1},"rbp":{"value":0},"rsp":{"value":140702040136552},"r12":{"value":0},"rcx":{"value":0},"flavor":"x86_THREAD_STATE","rdi":{"value":0}},"frames":[{"imageOffset":20208,"symbol":"_dyld_start","symbolLocation":0,"imageIndex":0},{"imageOffset":0,"imageIndex":1}]}], "usedImages" : [ { "size" : 622592, "arch" : "x86_64", "source" : "P", "base" : 4597436416, "uuid" : "bba77709-6cad-3592-ab03-09d0f7b8610e" }, { "size" : 85278720, "arch" : "x86_64", "source" : "P", "base" : 4308656128, "uuid" : "ad91922a-cea7-31bf-ba11-4984e24e77cc" } ], "vmSummary" : "ReadOnly portion of Libraries: Total=202.9M resident=0K(0%) swapped_out_or_unallocated=202.9M(100%)\nWritable regions: Total=11.4M written=0K(0%) resident=0K(0%) swapped_out=0K(0%) unallocated=11.4M(100%)\n\n VIRTUAL REGION \nREGION TYPE SIZE COUNT (non-coalesced) \n=========== ======= ======= \nSTACK GUARD 56.0M 1 \nStack 8192K 1 \nVM_ALLOCATE 4K 1 \n__DATA 13.0M 3 \n__DATA_CONST 32K 1 \n__DATA_DIRTY 16K 1 \n__LINKEDIT 121.0M 3 \n__TEXT 81.9M 2 \nshared memory 4K 1 \n=========== ======= ======= \nTOTAL 279.9M 14 \n", "legacyInfo" : { "threadTriggered" : { } }, "trialInfo" : { "rollouts" : [ { "rolloutId" : "5ffde50ce2aacd000d47a95f", "factorPackIds" : { }, "deploymentId" : 240000334 }, { "rolloutId" : "5fb4245a1bbfe8005e33a1e1", "factorPackIds" : { }, "deploymentId" : 240000021 } ], "experiments" : [ { "treatmentId" : "6dd670af-0633-45e4-ae5f-122ae4df02be", "experimentId" : "64406ba83deb637ac8a04419", "deploymentId" : 900000017 } ] }, "reportNotes" : [ "dyld_process_snapshot_get_shared_cache failed" ] }

Hi, how to re-sign an open ipa file with my developer account and install to my device for testing. Thanks

I have Xcode cloud setup to pull the project from Github. I'm seeing this error when the pod install runs: macos/Runner.xcodeproj: error: No signing certificate "Mac Development" found: No "Mac Development" signing certificate matching team ID "*" with a private key was found. (in target 'Runner' from project 'Runner') I have the project automatically signed with my Apple Development cert. Any clue what I'm missing here? I noticed when I change the signing to manual in Xcode and I try to pull to the provisioning profiles it fails with this error: no eligible profiles found for Runner matching the macOS platform with bundle identifier xxxxxx. I have couple of profiles created for macOS in my account and they are associated with the Mac Development cert in my account as well. Does the Xcode project has some mismatching configs? Worth noting that the iOS project is working fine and building successfully. It can pull the associated profiles with no issues.

How to delete certificates from "Certificates, Identifiers &amp;amp; Profiles?" I have a new Mac and need to create new certificate for it but there is no option of deleting or editing of the existing certificates. When trying to add a new one the option is greyed out with the following commend: Developer ID Application This certificate is used to code sign your app for distribution outside of the Mac App Store. Maximum number of certificates generated.

Hi,my apps run on the iOSSimulator without problems and used to run on devices as well, but after updating to latest XCode-Version I am getting the above error message when trying to run an app on my iPhone 7. It says :"codesign wants to access key "access" in your bunch of keys . To allow this enter your password".... but my apple-Developer-ID-Password doesn't work. And until updating to latest XCode-Version I never had any problems with codesign when running an app on iPhone device.Any hints what's going wrong ?XCode Version 9.1 (9B55)iOS Version 11.1.2 (15B202)Latest High Sierra Version, macbook Pro 2015

I looked at other posts with this problem and didn't find anything that worked. I used Keychain Access and Certificate Assistant to create a CSR; I uploaded that on the portal. Downloaded the certificate, and I get that error whenever I try to import it. I can import it into the System one, but then it's untrusted, and I still can't export it as a p12 file. This is one of the few times I did everything by reading the documentation as I did it, so I'm very confused.

I created a driver using DriverKit on Intel macOS 12.6.1 and Xcode 13.3. I enabled auto-manage signing, and set the signing certificate to 'Sign to Run Locally'. Then, I created a provision profile for the driver and selected my M1 test device. After installing the profile, I ran the app on the M1 device and successfully activated the driver. However, when I tried to compile the project on M1 macOS 13.3 with Xcode 14.3.1, I encountered an error. It appears that DriverKit does not support the 'Sign to Run Locally' option on M1 devices. To resolve this issue, I switched to using the 'Apple Development' signing certificate. Unfortunately, even after making this change, I still received an error message regarding 'Sign to Run Locally' from the Xcode console. Both devices are logged in with the same developer account. Could you please advise me on how to resolve this problem? iig: #include <Availability.h> #include <DriverKit/IOService.iig> #include <DriverKit/IOUserClient.iig> //class OSAction; class epusbfilter: public IOService { public: virtual bool init() override; virtual kern_return_t Start(IOService * provider) override; virtual kern_return_t Stop(IOService * provider) override; virtual void free() override; virtual kern_return_t GetRegistryEntryID(uint64_t * registryEntryID) override; }; cpp: #include <os/log.h> #include <DriverKit/IOUserServer.h> #include <DriverKit/IOLib.h> #include <USBDriverKit/IOUSBHostInterface.h> #include <USBDriverKit/IOUSBHostPipe.h> #include "epusbfilter.h" #define Log(fmt, ...) os_log(OS_LOG_DEFAULT, "epusbfilter - no super," fmt "\n", ##__VA_ARGS__) struct epusbfilter_IVars { IOUSBHostInterface *interface; IOUSBHostPipe *inPipe; OSAction *ioCompleteCallback; IOBufferMemoryDescriptor *inData; uint16_t maxPacketSize; }; bool epusbfilter::init() { bool result = false; Log("init"); result = super::init(); return result; } void epusbfilter::free() { super::free(); Log("free"); } kern_return_t IMPL(epusbfilter, Start) { kern_return_t ret; Log("Start"); ret = Start(provider, SUPERDISPATCH); return ret; } kern_return_t IMPL(epusbfilter, Stop) { kern_return_t ret = kIOReturnSuccess; Log("Stop"); ret = Stop(provider, SUPERDISPATCH); return ret; } kern_return_t IMPL(epusbfilter, GetRegistryEntryID) { Log("GetRegistryEntryID"); return GetRegistryEntryID(registryEntryID, SUPERDISPATCH); } info.plist <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>IOKitPersonalities</key> <dict> <key>epusbfilter</key> <dict> <key>CFBundleIdentifier</key> <string>$(PRODUCT_BUNDLE_IDENTIFIER)</string> <key>CFBundleIdentifierKernel</key> <string>com.apple.kpi.iokit</string> <key>IOProviderClass</key> <string>IOUSBHostInterface</string> <key>IOClass</key> <string>IOUserUserClient</string> <!-- <key>IOResourceMatch</key>--> <!-- <string>IOKit</string>--> <key>IOUserClass</key> <string>epusbfilter</string> <key>IOUserServerName</key> <string>com.injection.epusbfilter.dext</string> <key>bConfigurationValue</key> <integer>1</integer>--> <key>bInterfaceNumber</key> <integer>0</integer> <key>idVendor</key> <string>*</string> <key>idProduct</key> <string>*</string> <key>UserClientProperties</key> <dict> <key>IOClass</key> <string>IOUserUserClient</string> <key>IOUserClass</key> <string>epusbfilter</string> </dict> </dict> </dict> </dict> </plist> entitlemens: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.developer.driverkit</key> <true/> <key>com.apple.developer.driverkit.transport.usb</key> <array> <dict> <key>idVendor</key> <string>*</string> <key>idProduct</key> <string>*</string> </dict> </array> </dict> </plist>

Hi, I am trying to run flutter build on test flight. I tested the app locally on physical device iphone 13 and on simulator, it works perfectly fine. I tried creating ipa through flutter in vs code and archive in xcode, both run successfully. When i put my app on testing in testflight, it shows error, "Could not install Batched. Your request couldn't be completed. Try again." I tried creating certificates, identifiers, provisional profiles, manual signing, automatic signing, still no luck