I’m building an Electron app for macOS that I plan to distribute to users in a .dmg outside the Mac App Store. I have a Developer ID Application certificate (from Apple’s Developer Portal) and a private key, and I can see “Developer ID Certification Authority” in my System Roots keychain.
• My Developer ID Application certificate is in the login keychain, and it shows up under “My Certificates” with its private key.
• On Keychain, certificate shows red message "not trusted", but when I evaluate and check it specifically for codesigning it shows a green checkmark and success
• Developer ID Certification Authority is in System Roots.
• security find-identity -p codesigning – shows my certificate, but shows 0 valid identities
• Updated operating system and deleted and recreated a new certificate, still get the same issue
The most common reason for problems like this is that you have the certificate but not its associated public key. You need that to form a code-signing identity and thus sign your code.
However, you’re saying that it shows up under My Certificates, which is indicates that you do have the private key. That’s good. Losing the private key for a Developer ID signing identity is bad, something I explain in The Care and Feeding of Developer ID.
Updated operating system and deleted and recreated a new certificate
Be very careful doing that with Developer ID certificates. There’s a limit to how many times you can repeat the process. This is another thing I explain in The Care and Feeding of Developer ID.
As to why your certificate is untrusted, there are three common causes of that, which I explain in Fixing an untrusted code signing certificate.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"