Hello all, I am having really weird trouble with productsign process using Developer ID Installer certificate. I started cooperation with another company and got both Developer ID Application and Developer ID Installer certificates (including private keys) from them and I am also a part of their apple developer team. Now, I am able to use the first one to codesign binaries, but when trying to sign pkg using the second one, I always get this response: productsign: error: Could not find appropriate signing identity for “Developer ID Installer: The company (XXYYZZ..)“ I've already tried to sign the pkg with certificate of another company and this one works as expected. I've also tried the process on another macOS, the same result. The company is using this certificate on their mac machine without problems. I am calling productsign phase using standard shell script: sudo productsign --sign "Developer ID Installer: The company (XXYYZZ..)" "test.pkg" "signedTest.pkg" We've already tried to use newly generated certificate based on my certificate request, still the same. Also tried using only the team ID code instead of the whole name as advised on some forums, still the same. Do you have any idea or hint how to fix this? I've already lost more than a day with thing that should work without a trouble. Tested on macOS 12.7.1 and Catalina. Vladimír

Hi all I have made an application on Windows Adobe Animate /Air ios. when I tried to get a provisioning profile from Adobe, they said I would have to get this from Apple. So I had to join an Apple developers program which I did at a cost of £79 non-refundable. I began to make up my Provisioning profile on apple developers site and at the very end of the process it told me to press a dedicated button on my Apple computer well I don't have an Apple computer that's why I made the application on Windows Adobe Animate with Air ios converter. When I pointed this out to Adobe their reply was to ask Apple if there is a way round this problem. Well I am asking you guys, is there a way round this? Alan

Hello fellow developers, I hope you're all doing well. I've encountered an issue that I'm hoping someone here might have some insights on. When I try to package my IPA for the production version, I receive a notification that the provisioning profile doesn't match the private key certificate. However, when packaging for the test version, everything works perfectly. I've ensured that I'm using the provisioning profile for the production version and even exported the key for this profile, but they still don't seem to match. Upon further inspection, I noticed that when I applied for the production version of the mobileprovision, the Certificate Name automatically changed to the company name. Has anyone else experienced this issue? If so, how did you resolve it? Any guidance would be greatly appreciated. Thank you in advance for your time and assistance. Best regards

Hi, I have developed a MacOS app I'd like to distribute outside app store. I am an indie developer, there is no company, just me. If I disable gatekeeper, app installs and runs fine. But to distribute, it seems I now have to sign the app (notarise etc) - which means joining Apple Developer Program and paying $99 p.a. for the pleasure. But before I sign up, I wanted to check what will be shown on the certificate? I'd prefer not to show my (fairly unique) name/surname for privacy reasons. Will I be able to specify CN etc for the certificate or am I doomed to publicise my name with the app? Thanks

Hey guys, I'm trying to build a game using GameMaker Studios for iOS but running into this automatic signing issue - I haven't had this issue on past builds, so it's confusing as to what this is. Any ideas of what I could try to solve this? I've tried many solutions but with my limited knowledge I haven't gotten very far - thank you!

If I understand correctly, Apple Distribution certificate type aims to replace the separate platform-specific certificate types. (Please don't jump me, I know this is a very simplified way to put it :D) I am 100% sure Apple Distribution certificate can be used instead of a "Mac App Distribution" certificate, but I'm not sure whether the same is true for installers, namely the "Mac Installer Distribution" certificate. I have read eskimo's great articles on packaging (https://developer.apple.com/forums/thread/701581) and signing (https://developer.apple.com/forums/thread/128166) but I have not seen a definite answer to this question in those. Our command line builds started to fail with a 'no certificate of type Mac Installer Distribution is found' without any actual apparent change to the build process, so I'm just trying to understand this certificate type better. I see no sign of this certificate ever having existed in developer.apple.com under Certificates tab. We use the xcodebuild -exportArchive command with an -exportOptionsPlist that has the following content: <dict> <key>[redacted]</key> <string>[redacted]</string> <key>[redacted]</key> <string>[redacted]</string> </dict> <key>installerSigningCertificate</key> <string>3rd Party Mac Developer Installer</string> <key>signingCertificate</key> <string>Mac App Distribution</string> and this has not changed at all either between the last successful build and the failing ones. I listed the existing code signing identities with security find-identity -p codesigning and only an Apple Distribution certificate shows up, not Mac Installer Distribution certificate.

I have created Apple Development Signing Certificate for my macbook-air device with my developer account email here and when i export the certificate to view details but I found this then, How can I convert it to human readable language or any other better than this to see its content?

Hi, After spending two months trying to launch this app I decided to start from scratch, and regenerate everything from code signing requests, certs, apps, appIDs, App Store entries, EVERYTHING, and at the end of all of it, I get exactly the same problem I've had for months: "Invalid Provisioning Profile. The provisioning profile included in the bundle com.chiltonwebb.secretprojectname [com.chiltonwebb.secretprojectname.pkg/Payload/secretprojectname.app] is invalid. [Invalid 'com.apple.application-identifier' entitlement value.] For more information, visit the macOS Developer Portal. (ID: 723cede2-3c9f-4069-b4fa-581ebd3468b9)" I'm tired of guessing. I've tried everything I can find in these forums. What is the official way to diagnose this problem? -Chilton

Dear Sirs, I've written a Swift App, a C++ application and a Driver Extension using DriverKit and AudioDriverKit. As it works on my development machine now I'd like to give it to some other users and so I'm trying to make a Release Build. I've created a Signing Certificate for "Apple Distribution" which I can use for my Swift App and the C++ application which also both use "com.apple.developer.driverkit.userclient-access". I've been given this entitlement and the "Distribution Support" is for "Development, Ad hoc, App Store, Developer ID". For my Driver Extension I'm using the entitlements "com.apple.developer.driverkit" and "com.apple.developer.driverkit.family.audio" which I've also been given and which show the identical "Distribution Support". But when I try to use my Signing Certificate XCode refuses to use the provisioning profile for the Dext and says "Xcode 14 and later requires a DriverKit development profile enabled for iOS and macOS. Visit the developer website to create or download a DriverKit profile." On the other hand I have to use the same Signing Certificate for my Swift App that embeds the Dext and the Dext itself. How can I create a Signing Certificate for Release mode that works for both, the Swift App and the Dext? Thanks and best regards, Johannes

If I make a certsigningrequest to get a certificate in the developer account, it is not uploaded , i uploaded it but does not appeared it , can you help me ?

Hi, how to re-sign an open ipa file with my developer account and install to my device for testing. Thanks

I got an email from Apple, "Your Developer ID Installer Certificate will no longer be valid in 30 days". So I went to my certificates page on developer.apple.com, and I see the attached photo. Basically, yes, I have a Developer ID Installer Certificate that expires 2023/07/01; but I also have one that expires 2025/12/08, and one that expires 2026/01/09, and one that expires 2026/12/15, and another that expires 2026/12/16! Why do I have all these certificates? I have no idea. There is a "+" button to add a new one; but given that I already seem to have ones that won't expire for several more years, do I need to? There does not seem to be a "-" button, or any way to clear out this cruft. I then recalled that perhaps I have managed my certificates in Xcode in the past, not on this page (or maybe I have done both, at different times?). So I went to Xcode, and things seem to be rather a mess there too, but in a different way (second image attached). Here, I seem to have lots of stale certificates that are in gray and say "Not in Keychain" – how do I clear those out? Again there does not seem to be a "-" button. And the newer ones that I saw on developer.apple.com do not seem to be listed here, maybe – it's hard to compare, though, because on developer.apple.com it shows the expiration date but not creation date, whereas in Xcode it shows creation date but not expiration date. What should I do? Note that I am not a member of multiple different teams, or anything like that; I'm a solo developer. This stuff is really confusing and does not seem to be well-documented anywhere that I have found. Am I just being dense?

I am trying to sign a Java application, packaged in a disk image, via jpackage, invoked via Ant (so no XCode anywhere). The packaging itself works fine, but I am having trouble figuring out the signing parameters. In particular, it seems I will have to provide a parameter --mac-signing-key-user-name What value should I give to this parameter? I have an Apple Developer Account (well, obviously...), I have generated a certificate and quite a few other things, but I am confused as to what the "signing-key-user-name" should be. The error message I currently get from jpackage is: No certificate found matching [...] using keychain [] I am on MAC OS 12.6 and JDK 17. Any help would be greatly appreciated.

Hello. I have an iOS app written in Xamarin, but this issue is not related to Xamarin or Visual Studio. I am trying to deploy my xamarin app onto an iOS device, but I am unable to get the iOS device to install the provisioning profile via Xcode. I work at a company with a decent variety of test devices and the result seems to be the same from iPads to iPods to iPhones of various ages. I have created a certificate and a provisioning profile. The certificate is associated with the provisioning profile on the developer portal. I have imported the certificate (including private keys) into my login keychain on MacOS. I have the .mobileprovision file downloaded to the machine. I am signed into Xcode with my apple developer account. In Xcode, i went to Window &gt; Devices and Simulators and selected my device. I right clicked my device and selected "Show Provisioning Profiles". I clicked the plus and chose my .mobileprovision file. I get the same error on every device: Failed to install one or more provisioning profiles on the device. Please ensure the provisioning profile is configured for this device. If not, please try to generate a new profile.| this is an incredibly vague and unhelpful error. I'm not really sure what it means by "configured for this device". Not sure where to go from here

Xcode version : 14.0 Beta 3 macOS version : 13 Beta 3(22A5295i) Hi, I'm signing the DriverKit in Developer ID Application type profile with Developer ID Application (With Kext) type certificate on Xcode. But status shows error with"Xcode 14 and later requires a DriverKit development profile enabled for IOS and macOS.Visit the developer website to create or download a DriverKit profile" I have downloaded all profiles and Certificates to my Mac and installed all of them, then checked the website. I'm wondering what's different between "Development type" &amp; "Developer ID Application type" profile ? and the reason why "2022-07-22 14:41:54.162815+0800 0x22ee2    Error       0x0                  138    0    kernelmanagerd: Error occurred while handling request "DextLaunch(arguments: Optional(["Driver Extension Server Name": com.asix.dext.usbdevice, "Check In Token": 371, "Driver Extension Server Tag": 4294975444, "CFBundleIdentifier": com.asix.dext.usbdevice, "DriverKit Reslide Shared Cache": 0, "kOSBundleDextUniqueIdentifier": &lt;222f1e51 f5e890f7 b467c2a0 da761dbd 9b14dc5f 1bf56ff6 4eeab6b2 fed9683c&gt;]))": Error Domain=NSPOSIXErrorDomain Code=8 "Exec format error" error code show on when I starting the app. I'll appreciate that someone can give me some idea or suggestions. Thanks a lot.

In my certificate list, I see a certificate type called “iOS Distribution Managed”. What is the difference between this and “iOS Distribution”? It's kind of automatic. I don't remember creating it

How to delete certificates from "Certificates, Identifiers &amp;amp; Profiles?" I have a new Mac and need to create new certificate for it but there is no option of deleting or editing of the existing certificates. When trying to add a new one the option is greyed out with the following commend: Developer ID Application This certificate is used to code sign your app for distribution outside of the Mac App Store. Maximum number of certificates generated.

To support an older version of an iOS app, I needed to install Mojave with Xcode 9. I create a CSR and from there generate an iOS Distribution certificate online, which I download and double click to install in Keychain. However, when viewing in Keychain, it shows in red "iPhone Distribution: CompanyName certificate is not trusted". I'm not sure what I'm doing wrong as I follow the instructions to the T and have done this in the past with success. NOTE: I tried this with Sierra as well and got the same issue. It only seems to work on Catalina, which doesn't help me because I need an older version of Xcode.

I have tried everything and still I am getting this. Just for a test I created a new app (Master-Detail template Xcode 11.5) I have created an entry in the iTunes Connect to receive the app upon archiving and uploading. I regenerated all new certificates for iOS Development and Distribution. I created all new Provisioning profiles. The Dev profile builds deploys and runs on my device The Dist profile builds but when I select the distribution profile I get the "Profile doesn't include the com.apple.application-identifier entitlement." error. When I download the profile within Xcode all looks good for the distribution profile: App ID: matches correctly Certificated: 1 Included includes the new signing certificate "iPhone Distribution...." Capabilities: 3 Included Includes Game Center, In-App Purchase, and Keychain Sharing Entitlements: 5 Included Includes application-identifier, keychain-access-groups, beta-reports-active, get-task-allow, and com.apple.developer.team-identifier. Im not sure what is going on. This is a standard process I have performed for quite a while. As a matter of fact I just submitted 3 applications last Sunday. Thank you for any suggestions.

Hi,my apps run on the iOSSimulator without problems and used to run on devices as well, but after updating to latest XCode-Version I am getting the above error message when trying to run an app on my iPhone 7. It says :"codesign wants to access key "access" in your bunch of keys . To allow this enter your password".... but my apple-Developer-ID-Password doesn't work. And until updating to latest XCode-Version I never had any problems with codesign when running an app on iPhone device.Any hints what's going wrong ?XCode Version 9.1 (9B55)iOS Version 11.1.2 (15B202)Latest High Sierra Version, macbook Pro 2015