Unable to sign the macOS app using 3rd party developer ID installer

Question

Created Feb ’23

Replies 3

Boosts 0

Participants 2

Guys,

I created the CSR from my testing MacBook and shared the .csr to my manager and he generated the developer ID installer certificate using the shared .csr. After I installed the developer id installer, keychain shows 'the certificate is not trusted'. So I changed it to 'Always trust'. Then covert the app from DMG to PKG and followed the steps for conversion given in this website (https://techcommunity.microsoft.com/t5/intune-customer-success/how-to-deploy-dmg-or-app-format-apps-to-intune-managed-macs/ba-p/1503416). Now I stuck at step 6, product sign and getting the error message: productsign: error: Could not find appropriate signing identity for “3rd party Mac Developer Installer: Developer ID Installer: XXXXX (XXXXXX)”. Kindly advice, how to proceed or shall I ask my manager to re-generate the developer ID installer certificate using the same shared .csr If so what reason I should give to him for the re-generation?

Boost

Answer 1

DTS Engineer OP

Apple

Feb ’23

So I changed it to 'Always trust'.

Don’t do that. Rather, follow the advice in Fixing an untrusted code signing certificate.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 2

Karthick_srv OP

Feb ’23

@eskimo, You are saying that I shouldn't change the option to 'Always trust", right?

0

Answer 3

DTS Engineer OP

Apple

Feb ’23

You are saying that I shouldn't change the option to 'Always trust", right?

Correct. Tweaking trust settings makes the certificate appear to be trusted in Keychain Access but causes problems further down the line. You need to remove any trust settings tweaks you’ve made and apply the right fix, which is to install the missing WWDR intermediate.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0