Enhancement request filed: FB7599909.

What platform are you working on? I am working on the iOS platform.The trust object passes the policy requirements when I add the anchor certificate using the SecTrustSetAnchorCertificates. It fails if I do not with the 'MissingIntermediate : 0' key/value. This indicated to me that the 'MissingIntermediate' referred to the anchor certificate as well.Why? Because after setting it as the trusted anchor, the 'MissingIntermediate = 0' went away. I interpreted 'MissingIntermediate = ?' to mean verifying the the entire certificate chain: from the lead node through the intermediates to the anchor certificate.Do you know which policy key MissingIntermediate corresponds to? Is it the IdLilnkage key (from SecPolicyRef)?

Thank you for the clarification. Although I can add certificates to the keychain in iOS, you point out that they are not used during the trust evaluation.

I added your code and received the (null) result, indicating that the Certificate Transparency policy test failed.(I removed timestamps and replaced some text within <>)Evaluate against trust policy Policy: SecPolicyName : <my hostname> SecPolicyOid : 1.2.840.113635.100.1.3 (Apple SSL Policy)--> kSecTrustCertificateTransparency: (null) Security Trust: TrustEvaluationDate : <some date> TrustResultValue : kSecTrustResultUnspecified (4) Certificates:(2) <my leaf SSL Server certificate> <my self signed anchor SSL Server certificate> TrustResultDetails : (note no key value pairs appear here) Policy requirements metI was expecting the trust result details dictionary (using TrustResultDetails key) to add an item, kSecTrustCertificateTransparency : 0. This is how the other policy tests show failure that I have seen.If I read this correctly, the CT policy test fails, no failures are reported, and the TrustResultValue value of kSecTrustResultUnspecified indicates pass.So why does trust policy pass when the CT test fails?

I found the issue that was causing Git 'push' commands from the Xcode's Source Control menu options to fail. It was due to the url naming convention used in the local repository's config file. This is located in your project's '.git' folder and titled 'config'. This file is populated with remote, branch, core and other sections for your project.In this instance, under the [remote "origin"] section, my url was defined as ssh://user@host:/path/to/project. The command line Git had no problem with this url. Xcode however, did not like the scheme component of the url. So, after dropping the 'ssh://' component, and using user@host:/path/to/project, Xcode pushed changes to the remote repository as expected.I never determined why Xcode did not like the url.For those interested in viewing how Xcode uses Git, you can modify your user's '.gitconfig' file with the following:[trace2] normalTarget = /Users/Lazarus/log_git.normalThis directs output to the log_git.normal file as Xcode uses Git (for non-remote repository commands). Then 'tail -f log_git.normal' in a separate shell to watch the activity.The trace2 commands are found in 'man git-config' then searching for 'trace2'.

Encountered same problem using Xcode 13.1 and an iPad Pro iOS 15.4 (just installed). Updating to Xcode 13.3 solved the problem for me. note : The update took 2 hours for me. Use Activity Monitor to find the PID for installd, then use 'caffeinate -s -d -w ' to keep system and display up until the installd process finishes.