Demystify code signing and its importance in app development. Get help troubleshooting code signing issues and ensure your app is properly signed for distribution.

Posts under Code Signing topic

Post, Replies, Boosts, Views, Activity

Xcode Build for React App fails in codesigning step
I tried building the React App for Any iOS device (Arm64) but I get an error, although I can build successfully for any iOS Simulator. In the codesigning step I get the following error: "Warning: unable to build chain to self-signed root for signer "Apple Development: my email address ( ... ) " I don't have a paid membership of the Apple Developer Program; does that cause this failure? Also, to archive, do I need a paid Apple Developer Program membership?
Topic: Code Signing SubTopic: General
1
0
448
Nov ’24
Notarize with Enterprise API Key
Hello! I've been facing an issue with notarizing a macOS app with an Enterprise API Key. Due to some misunderstanding setting up the project some years ago, the notarization step was using a developer account's API Key. I am looking to fix it to have everything centralized in the Enterprise account we work with, but I get "Debug [JWT] Generating new JWT for key ID" with the new key. This is using the xcrun notarytool directly to get more input. Using Fastlane it fails as: Error polling for notarization info: [11:29:25]: unexpected token at '' The project is deployed via MDM, so we need it to prevent the security warning. I used this documentation to create the key: https://developer.apple.com/documentation/enterpriseprogramapi/creating-api-keys-for-enterprise-program-api I have tried a Developer and an Admin access key, and the Account Holder has also created an Admin key, but the errors stay the same. I just updated my Fastlane script to use the new key with the updated values. The old developer account key still works. I am not sure if I am missing any steps in the documentation or if this is not achievable. Important to add that all the profiles and certificates were already set up properly in the Enterprise account; the only error was using an App Store Connect Key instead of an Enterprise Key. Thanks in advance for the help.
7
3
931
Feb ’25
signing and certificate
Hi, I'm currently developing a Flutter app that utilizes Push Notifications. The Android implementation is working flawlessly, but I'm encountering compilation issues in Xcode. Specifically, I'm receiving the following error: Cannot create a iOS App Development provisioning profile for "dk.ceniconsulting.alarm". Personal development teams, including "Henrik Thystrup", do not support the Push Notifications capability. No profiles for 'dk.ceniconsulting.alarm' were found Xcode couldn't find any iOS App Development provisioning profiles matching 'dk.ceniconsulting.alarm'. This error seems to be a common issue, but I haven't been able to find a definitive solution. I've already generated a certificate, identifier, and installed them, but the problem persists. Does anyone have any insights or suggestions on how to resolve this issue? Or perhaps a link to a resource that addresses this specific problem?
Topic: Code Signing SubTopic: General
2
0
422
Nov ’24
Code Signing from a Makefile on macOS 15
Hello, my team is trying to fix a code signing issue with our app. Our production build works, but our debug build broke after upgrading to macOS 15. This is because our app contains an app extension that can no longer access our app group container after the upgrade to macOS 15. It looks like this is due to ~/Library/Group Containers being protected by SIP now. We were not code signing our debug app, and now security is stricter. Because of historical reasons, we need to use a Makefile to build our app instead of just using Xcode. We are trying to determine the best way to sign our debug app. It looks like our app extension is able to access our app group container if we sign the app with a developer certificate. However, we are wondering if the developer certificate is required. We see that Xcode can sign debug builds with the “-” code signing identity. We tried doing this from our Makefile in the same way we sign with the developer certificate, but it doesn’t work. Is this expected behavior?
1
0
385
Nov ’24
Family control app uploading error
/Users/varunashokbhaisidpara/Desktop/Screenshot 2024-11-15 at 5.43.44 PM.png This error occurs when I try to upload an app to TestFlight or the App Store. I checked "Automatically manage signing" in the main target, and I have added the extensions DeviceActivityMonitorExtension, ShieldConfigurationExtension, ShieldActionExtension, DeviceActivityReport, and all have "Automatically manage signing" selected in the target > signing and capability. Please provide me with an exact solution step by step. Thank you
3
0
804
Nov ’24
Error running live activity
I'm unable to run a widget containing a live activity with the error message at the bottom of this post. I've verified I have NSSupportsLiveActivities set to yes in the correct Info.plist, and have downloaded sample projects from GitHub containing the same values. This error occurs while running on a device or simulator, on Xcode 15 and 16, iOS simulator 17 and 18. 1. Create sample project 2. Create new widget extension target 3. Set NSSupportsLiveActivities to true in the appropriate Info.plist 4. Run the widget. This seems to be a longstanding issue: https://forums.developer.apple.com/forums/thread/651611 Any ideas for debugging? I'm completely blocked from running live activities.
SendProcessControlEvent:toPid: encountered an error: Error Domain=com.apple.dt.deviceprocesscontrolservice Code=8 "Failed to show Widget 'ca.holligan.live-activity-example.widget' error: Error Domain=FBSOpenApplicationServiceErrorDomain Code=1 "The request to open "com.apple.springboard" failed." UserInfo={NSLocalizedFailureReason=The request was denied by service delegate (SBMainWorkspace)., BSErrorCodeDescription=RequestDenied, NSUnderlyingError=0x600000c6a8b0 {Error Domain=SBAvocadoDebuggingControllerErrorDomain Code=1 "Failed to get descriptors for extensionBundleID (ca.holligan.live-activity-example.widget)" UserInfo={NSLocalizedDescription=Failed to get descriptors for extensionBundleID (ca.holligan.live-activity-example.widget)}}, FBSOpenApplicationRequestID=0x2ca0, NSLocalizedDescription=The request to open "com.apple.springboard" failed.}." UserInfo={NSLocalizedDescription=Failed to show Widget 'ca.holligan.live-activity-example.widget' error: Error Domain=FBSOpenApplicationServiceErrorDomain Code=1 "The request to open "com.apple.springboard" failed." UserInfo={NSLocalizedFailureReason=The request was denied by service delegate (SBMainWorkspace)., BSErrorCodeDescription=RequestDenied, NSUnderlyingError=0x600000c6a8b0 {Error Domain=SBAvocadoDebuggingControllerErrorDomain Code=1 "Failed to get descriptors for extensionBundleID (ca.holligan.live-activity-example.widget)" UserInfo={NSLocalizedDescription=Failed to get descriptors for extensionBundleID (ca.holligan.live-activity-example.widget)}}, FBSOpenApplicationRequestID=0x2ca0, NSLocalizedDescription=The request to open "com.apple.springboard" failed.}., NSUnderlyingError=0x600000c6a940 {Error Domain=FBSOpenApplicationServiceErrorDomain Code=1 "The request to open "com.apple.springboard" failed." UserInfo={NSLocalizedFailureReason=The request was denied by service delegate (SBMainWorkspace)., BSErrorCodeDescription=RequestDenied, NSUnderlyingError=0x600000c6a8b0 {Error Domain=SBAvocadoDebuggingControllerErrorDomain Code=1 "Failed to get descriptors for extensionBundleID (ca.holligan.live-activity-example.widget)" UserInfo={NSLocalizedDescription=Failed to get descriptors for extensionBundleID (ca.holligan.live-activity-example.widget)}}, FBSOpenApplicationRequestID=0x2ca0, NSLocalizedDescription=The request to open "com.apple.springboard" failed.}}} Domain: DTXMessage Code: 1 User Info: { DVTErrorCreationDateKey = "2024-11-15 17:06:33 +0000"; }
System Information macOS Version 14.5 (Build 23F79) Xcode 16.1 (23503) (Build 16B40) Timestamp: 2024-11-15T12:06:33-05:00
Topic: Code Signing SubTopic: General
1
0
666
Nov ’24
Keychain issues after installing backup on new Mac
After using backup to set up my new Mac Mini, my Xcode App projects run ok in the Simulator but fail to Archive or Analyze with the error: "The specified item could not be found in the keychain." The item is a provisioning profile. I was able to Run, Archive and Validate these projects on my old Mac Mini just before the final backup. Are there known problems in backup of provisioning profiles or keychains? I have tried creating new profiles etc. without success for several days. I'm not an expert developer so I'm hoping there is a simple solution. Please suggest the best way to resolve and/or clarify this problem.
9
0
1.1k
Dec ’24
Why is my notarized and signed macOS .app rejected by Gatekeeper during installation?
I'm trying to distribute my macOS application (a .dmg file) to customers, and I've followed all the steps to sign and notarize the application. However, when I try to install the .dmg containing the app, Gatekeeper rejects it with the error "AppName cannot be opened because developer is not verified". Even though I’ve signed the app with my Developer ID, notarized it, and verified the signature using codesign, I am still encountering issues when attempting to install or open the app on a clean macOS environment. Here’s the error I see when using spctl to check the .dmg: spctl --assess --type open --verbose=4 output/App.dmg output/App.dmg: rejected source=Insufficient Context When trying: spctl -a -t open -vvv --context context:primary-signature output/App.dmg output/Unbounded.dmg: accepted source=Notarized Developer ID origin=Developer ID Application: My .app is signed and notarised by electron builder, and I explicitly signed and notarised the dmg too, but it is still not working.
3
0
593
Nov ’24
Questions about enterprise-wide signing of IPAs
I work with a team that is responsible for our company's centralized infrastructure for code signing various products within our portfolio, including iOS apps. For security purposes, we want to sign apps before their posting on the App Store, and also to log this activity for eventual security audits. Not surprisingly, we need automated processes; we can't use an IDE like Xcode to do the work. We must queue, process, and log all signing jobs, and have Macs dedicated to this purpose. I can't go into many details about our infrastructure due to confidentiality concerns, so I'll apologize now if my questions seem a little vague. We currently require our iOS developers to submit one or more new provisioning profiles as well as their IPA archive for signing. We support supplying multiple provisioning profiles because some of our developers include embedded third-party extensions within their IPAs, and these extensions can also have their own provisioning profiles. Within our back end, we open the archive, sign the relevant portions using the entitlements in one of the profiles (that we believe to be the appropriate one for the particular archive element), overwrite each supplied provisioning profile with (what we believe to be) the appropriate one from user input, and re-compress the archive. Here come the questions: When we receive multiple provisioning profiles, how do we know which profile should be used to help with signing which archive elements? What data (e.g. entitlements application-identifier, team-identifier) can we use? We also need to know which provisioning profiles from their input correspond to those that already exist within the archive. What data can we use to map profiles from one set to the other? Should we be requiring our users to submit new provisioning profiles in the first place? Or should we edit/recycle the existing ones in some way? We'd like to remove any unnecessary burdens for our users, if possible.
Topic: Code Signing SubTopic: General
3
0
512
Nov ’24
Distribution Certificate created without private key
I'm trying to renew our Distribution Certificate, but when I request a certificate from a certificate authority as described and create the certificate via developer.apple.com and install it, it is installed without a private key, so I can't export it to .p12. What am I doing wrong? Last year this went without any problems. Please help me out, because I have to renew the certificate before 12-12-2024.
1
0
324
Nov ’24
App specific pw
I'm trying to store credentials on my keychain by doing this: xcrun notarytool store-credentials --apple-id APPLE-ID --team-id TEAM-ID I'm then asked for a profile name, and then the App-specific password for my Apple ID. This is when I'm getting an error: "Invalid credentials. Username or password is incorrect. Use the app-specific password generated at appleid.apple.com. Ensure that all authentication arguments are correct.". Now, I've generated the app-specific pw by logging in here: https://account.apple.com/ but when I log in to my Developer account, I do it here: https://developer.apple.com/account/ I've signed up for the "$99 a year" program. Is there a problem that I've created the pw on what looks like my "private" page and not my "developer" page?
1
0
649
Nov ’24
Apps made with Adobe Animate.
Adobe says that Animate works with the latest Mac OS. When I publish apps with Animate, they work on my computer. With a self-signed certificate, they work on some older Mac OS versions, but not on the 2 most recent. How can I test my apps on others' Mac computers? Robert
1
0
588
Nov ’24
Provisioning Profile attribute contains old ubiquity-kvstore-identifier value after App Transfer
Hi, we have received an Application via App Transfer recently. I am now trying to generate a provisioning profile for App Store distribution. When we set the checkmark in Capabilities to use "iCloud Key-value storage" we cannot get "automatically manage signing" to work with an error: Provisioning profile "iOS Team Provisioning Profile: com.some.bundle.identifier" doesn't match the entitlements file's value for the com.apple.developer.ubiquity-kvstore-identifier entitlement. When a Provisioning Profile is manually generated via Developer Portal the com.apple.developer.ubiquity-kvstore-identifier entry shows the value of the previous app owner: "OLDTEAM.com.some.bundle.identifier". How can we change the com.apple.developer.ubiquity-kvstore-identifier value in our provisioning profile to get rid of the old team identifier? Help is much appreciated, thank you. FB15898983
0
0
674
Nov ’24
Notarization Failure. HTTP status code: 401
I am trying to notarize with the notarytool command with an app-specific password. xcrun notarytool submit <Path> --apple-id <APPLE_ID> --password <APP_SPECIFIC_PASSWORD> --team-id <Team-ID> But it fails with the error: Error: HTTP status code: 401. Unable to authenticate. Invalid session. Ensure that all authentication arguments are correct. Tried generating a new app-specific password, still failing. Tried storing the password in the keychain with the store-credentials option, again failing. The --verbose option with store-credentials shows the error below: This process stores your credentials securely in the Keychain. You reference these credentials later using a profile name. Validating your credentials... [06:05:28.854Z] Info [API] Initialized Notary API with base URL: https://appstoreconnect.apple.com/notary/v2/\ [06:05:28.854Z] Info [API] Preparing GET request to URL: https://appstoreconnect.apple.com/notary/v2/test?, Parameters: [:], Custom Headers: private<Dictionary<String, String>> [06:05:28.855Z] Debug [AUTHENTICATION] Delaying current request to refresh app-specific password token. [06:05:28.855Z] Info [API] Preparing GET request to URL: https://appstoreconnect.apple.com/notary/v2/asp?, Parameters: [:], Custom Headers: private<Dictionary<String, String>> [06:05:28.855Z] Debug [AUTHENTICATION] Authenticating request to '/notary/v2/asp' with Basic Auth. Username: , Password: private, Team ID: [06:05:28.856Z] Debug [TASKMANAGER] Starting Task Manager loop to wait for asynchronous HTTP calls. [06:05:30.194Z] Debug [API] Received response status code: 401, message: unauthorized, URL: https://appstoreconnect.apple.com/notary/v2/asp?, Correlation Key: [06:05:30.195Z] Error [TASKMANAGER] Completed Task with ID 2 has encountered an error. [06:05:30.195Z] Debug [TASKMANAGER]Ending Task Manager loop. Error: HTTP status code: 401. Unable to authenticate. Invalid session. Ensure that all authentication arguments are correct.
8
0
774
Dec ’24
My MacOS application has been accepted when submitted for notarisation but I am getting an error 65 when submitting for stapling. Further, notarisation fails even when run on a clean mac. It throws an unknown developer error.
Hi, I have built a MacOS application that I intend to distribute directly. I have created a disk image and code-signed successfully with the following response. xcrun notarytool info --apple-id "" --password "" --team-id "" I have also submitted the app for notarisation which says it's accepted. equipp@equipps-MacBook-Pro dist % xcrun notarytool submit SendFiles.dmg --keychain-profile "Sendfiles-Notarisation" --wait Conducting pre-submission checks for SendFiles.dmg and initiating connection to the Apple notary service... Submission ID received id: a2941225-b036-47b3-a010-547b0dce6a1a Upload progress: 100.00% (79.0 MB of 79.0 MB) Successfully uploaded file id: a2941225-b036-47b3-a010-547b0dce6a1a path: /Users/equipp/Documents/GitHub/sendfiles/dist/SendFiles.dmg Waiting for processing to complete. Current status: Accepted................ Processing complete id: a2941225-b036-47b3-a010-547b0dce6a1a status: Accepted When I run the application on a clean Mac, I am still getting the error that this application is from an unidentified developer and might contain malware. (There's an internet connection.) However, when I try to staple the application, I am getting an error 65. Unsure what's going wrong with the notarisation. equipp@equipps-MacBook-Pro dist % xcrun stapler staple SendFiles.dmg Processing: /Users/equipp/Documents/GitHub/sendfiles/dist/SendFiles.dmg Could not validate ticket for /Users/equipp/Documents/GitHub/sendfiles/dist/SendFiles.dmg The staple and validate action failed! Error 65. equipp@equipps-MacBook-Pro dist % Can you please help?
1
0
529
Nov ’24
Unable to Write Files Within App Bundle After Codesigning and Notarization
I have already posted asking about this (CynthiaSun, /thread/768005): "Codesigned and notarized app cannot directly write files inside the app bundle..." But there are still some doubts that have not been answered. We use Qt to develop an application on the macOS platform, and we are attempting to perform code signing and notarization to ensure our application is trusted by Apple. However, there are a few things that seem weird regarding this statement: "App bundles are read-only by design." Let me provide more details. Currently, when our application starts, it needs to create a folder (e.g. Temp) in the root directory of the executable. For example: Myapp.app/Contents/MacOS/Myapp ---> Myapp.app/Contents/MacOS/Temp The folder is designed for storing runtime logs or config files for our application. In the past, users may also modify the settings inside the target folder if needed. However, the strange thing is what happens after the application is codesigned and notarized. When we double-click the application Myapp (a.k.a. Myapp.app) in Finder, it can successfully launch and create the Temp folder inside the Myapp.app/Contents/MacOS folder. However, when we navigate to and attempt to run the main application executable in command line mode (as our application supports this command line execution): $ cd Myapp.app/Contents/MacOS $ ./Myapp -h As our application will check if the root folder has write permission before starting (i.e., check if Myapp.app/Contents/MacOS is writable, because we need to create the Temp folder in the following steps), it pops up the error that the folder does not have write permission. The aforementioned scenarios seem to conflict with this statement: "App bundles are read-only by design" (because when the application is launched directly by clicking in Finder, the Temp folder can be created successfully, but via the console command line, it cannot).
I would like to confirm again whether writing files in the notarized application's MacOS directory is not allowed. If not, are there any recommended approaches? (e.g., changing the folder to another directory). What causes the different results in these running scenarios? We are not concerned about breaking the signature after the application is launched, as it seems that macOS will add it to the system trust list after the first successful launch. (Download the app from the internet --> System: it is an app downloaded from the internet. Are you sure you want to open it...? OK --> Although our application creates the Temp folder after the first launch, when we click the application a second time, it can directly open the app)
2
0
581
Nov ’24
HTTP 401 issue
Hi, I have been notarizing my code for several years with the same procedure, but today I have the following message: Conducting pre-submission checks for FencingFox.zip and initiating connection to the Apple notary service... Error: HTTP status code: 401. Invalid credentials. Username or password is incorrect. Use the app-specific password generated at appleid.apple.com. Ensure that all authentication arguments are correct. CloudKit query for FencingFox.pkg (1/00a276f170785e1dcbfbd6873a00b9309672338b) failed due to "Record not found". Could not find base64 encoded ticket in response for 1/00a276f170785e1dcbfbd6873a00b9309672338b The staple and validate action failed! Error 65. I have changed my Apple password and migrated to Sequoia. How should I investigate the issue?
1
0
480
Nov ’24
Xcode 16.1 bug
As of Nov 25, 2024, Xcode 16.1 won't recognize an App Store provisional profile as Eligible, so you cannot select the provisional profile for signing, which means you cannot archive it for upload to Apple. Setting it to manual or automatic signing does not help. Even going to the dev site and making new, fresh provisional profiles did not work. Rebooting Xcode did not work. Rebooting the computer did not work.
2
0
568
Nov ’24