Our main Apple account holder initiated the process to generate a certificate for the "Developer ID Installer" option. To finish that, he needed a Certificate Signing Request file, which I generated on the Mac itself. He then used that file to create a .cer file, which I imported on the Mac by double clicking the file. But I'm not sure what to do next, and I'm wondering if we missed something or did something wrong. For one thing, when I click on what I think is the certificate in Keychain Access, a message in red says it's not trusted. Plus what exactly do I need to specify in the codesign command for it to access what is (or should be) in the key chain? The documentation says it wants a "signing identity", but what exactly is that? What should I be looking for in the key chain? Note that when I created the Certificate Signing Request file, I specified my Apple login. When our main account holder created the .cer file, he of course would have done it using his login. These two logins are both supposed to be associated with the same team, but could that be part of the difficulty?