After confirming an order for an Apple Developer account, the bottom of the page says: Need some help? Chat now or call 1‑800‑MY‑APPLE. Question 1: Why make your developers translate from 1-800-MY-APPLE to a phone number manually? It would cost no more to say call 1-800-MY-APPLE or 1-800-555-5555 or whatever the translation is. It's just one example where Apple could provide a bit more information and make it better for the developers than they do. The whole Apple Developer enrollment / account / team / certification process is astonishingly unintuitive and could be helped so much by simply providing additional information as we work through the process. You say "Sign in to run locally" but offer no info about where to sign in. (A place for name and email appeared briefly, I entered my password incorrectly and now it doesn't seem to show up at all?) Question 2: That number seems to go to support for hardware orders (iPhones, machines, etc.). Is there a different number for developer account issues? Question 3: I paid $99 to renew the dev account, but I still can't build my SwiftUI XCode project due to Signing & Certificate Issues, and there's a bit of conflicting feedback. Feedback 1: When I click my order, it says: Apple Developer Program - Membership for one year Enrollment Complete Order Placed(Completed) Electronically Delivered (Completed) Thanks for being a part of the Apple Developer Program. Feedback 2: When I go to https://developer.apple.com/enroll/purchase, it says: Complete your purchase. Once you complete your purchase, you’ll receive a purchase acknowledgement and a membership confirmation email, and it wants me to pay $99 again. Seems unnecessarily challenging just to be able to build and run my XCode app on my own machine. Many of the involved options have little help associated to resolve issues. XCode recognizes my account, and I have a cert for running on my machine but it appears to be "in progress" so I'm dead in the water for now. Question 4: Any ideas how many days it takes before the payment will clear and I can play with my app again?

Hello, I am trying to use XCode to generate a 'embedded.provisionprofile' file. My Xcode macos project keeps giving me an error saying: Provisioning profile "BRandNewMebedded" doesn't include signing certificate "Apple Distribution: Martin Barker (LV6WXG529F)". When I download the Provisioning Profile file "BRandNewMebedded" from online, I make sure it has "Mac App Distribution" checked, but even if i edit it to use the first option "Distribution" and re-download it, my XCode keeps saying the same error in red.

Electron-Builder Version: 24.12.0 Electron-Builder-notarize Version: 1.5.1 Node Version: v15.14.0 Electron Version: 11.3.0 Electron-updater version: ^4.3.5 Target: Mac Apple Store (mas) Hello, I am trying to build and sign a new version of my electron app for the mac apple store (mas), but when I get to the final step of uploading the RenderTune.pkg file to the mac transporter app, I get a failed status with 22 errors all the same formatting like so: Asset validation failed (90284) Invalid Code Signing. The executable 'com.martinbarker.digifyunique.pkg/Payload/RenderTune.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/etc....dylib' must be signed with the certificate that is contained in the provisioning profile. (ID: abc-abc-abc-abc-abc) In order to build and sign this RenderTune.pkg file, first I run the command npm run build-mas locally while on branch v1.1.5 ( code here ) Which runs the following command: "build-mas": "electron-builder build --mac && sh signmasscript.sh", So first it runs electron-builder build --mac and gives this output: Martins-MacBook-Air:rendertune-v1.1.5-feb-24 martinbarker$ npm run build-mas > rendertune@1.1.5 build-mas > electron-builder build --mac && sh signmasscript.sh • electron-builder version=24.12.0 os=20.6.0 • loaded configuration file=package.json ("build" field) • writing effective config file=dist/builder-effective-config.yaml • packaging platform=darwin arch=x64 electron=11.3.0 appOutDir=dist/mac • signing file=dist/mac/RenderTune.app platform=darwin type=distribution identity=ACBACBACBACBACBACBACBACBACB provisioningProfile=none • skipped macOS notarization reason=`notarize` options were not provided • building target=DMG arch=x64 file=dist/RenderTune-mac.dmg • building target=macOS zip arch=x64 file=dist/RenderTune-mac.zip • building block map blockMapFile=dist/RenderTune-mac.dmg.blockmap • building block map blockMapFile=dist/RenderTune-mac.zip.blockmap Completes without issue. The next part is running the signmasscript.sh file, which does complete but gives these errors: Failed to parse entitlements: AMFIUnserializeXML: syntax error near line 1 Failed to parse entitlements: AMFIUnserializeXML: syntax error near line 1 Failed to parse entitlements: AMFIUnserializeXML: syntax error near line 1 Failed to parse entitlements: AMFIUnserializeXML: syntax error near line 1 Failed to parse entitlements: AMFIUnserializeXML: syntax error near line 1 Failed to parse entitlements: AMFIUnserializeXML: syntax error near line 1 Failed to parse entitlements: AMFIUnserializeXML: syntax error near line 1 Failed to parse entitlements: AMFIUnserializeXML: syntax error near line 1 Failed to parse entitlements: AMFIUnserializeXML: syntax error near line 1 Failed to parse entitlements: AMFIUnserializeXML: syntax error near line 1 productbuild: Adding component at /Users/martinbarker/Documents/projects/rendertune-v1.1.5-feb-24/dist/mas/RenderTune.app productbuild: Signing product with identity "3rd Party Mac Developer Installer: Martin Barker (LV6WXG529F)" from keychain /Users/martinbarker/Library/Keychains/login.keychain-db productbuild: Adding certificate "Apple Worldwide Developer Relations Certification Authority" productbuild: Adding certificate "Apple Root CA" productbuild: Wrote product to /Users/martinbarker/Documents/projects/rendertune-v1.1.5-feb-24/RenderTune.pkg productbuild: Supported OS versions: [10.10.0, ) The final output RenderTune.pkg file gives 22 error messages saying `` when I try to deliver it via the mac os transport app. Asset validation failed (90284) Invalid Code Signing. The executable must be signed with the certificate that is contained in the provisioning profile Is my app even being signed correctly? Or is there just one file that I need to fix? Please help me out !

I am working on an open source app. I have been testing the package installer, and something unexpected is happening: the .pkg won't run on my test machine and will instead show a banner saying "myApp.app can't be opened because Apple cannot check it for malicious software"; nevertheless, if I wait some minutes, the installer will run just fine! After reading through many of ekimo's posts, I assumed it may have something to do with stapler. I was not stapling my .dmg originally, so that's something I may be missing (my app is installed by a .pkg inside a .dmg). Nevertheless, the computer where I am testing the app has internet connection, meaning stapler should not even come into play. Regardless, I decided to staple my .dmg. Running xcrun stapler staple -v myApp.dmg after notarizing produces this result: builder ~ % xcrun stapler staple -v /Users/builder/Data/HEAD/installation/Packages/myApp.dmg Processing: /Users/builder/Data/HEAD/installation/Packages/myApp.dmg Properties are { NSURLIsDirectoryKey = 0; NSURLIsPackageKey = 0; NSURLIsSymbolicLinkKey = 0; NSURLLocalizedTypeDescriptionKey = "Disk Image"; NSURLTypeIdentifierKey = "com.apple.disk-image-udif"; "_NSURLIsApplicationKey" = 0; } Creating synthetic cdHash for unsigned disk image, myApp.dmg. Humanity must endure. Signing information is { cdhashes = ( {length = 20, bytes = 0xdd018313b1c574a403f01dccc96c21705987d76c} ); "cdhashes-full" = { 2 = {length = 32, bytes = 0xdd018313 b1c574a4 03f01dcc c96c2170 ... 918d33f3 d5a74dc3 }; }; cms = {length = 0, bytes = 0x}; "digest-algorithm" = 2; "digest-algorithms" = ( 2 ); flags = 2; format = "disk image"; identifier = ADHOC; "main-executable" = "file:///Users/builder/Data/HEAD/installation/Packages/myApp.dmg"; source = "explicit detached"; unique = {length = 20, bytes = 0xdd018313b1c574a403f01dccc96c21705987d76c}; } Stored Codesign length: 12 number of blobs: 0 Total Length: 12 Found blobs: 0 JSON Data is { records = ( { recordName = "2/2/dd018313b1c574a403f01dccc96c21705987d76c"; } ); } Headers: { "Content-Type" = "application/json"; } Domain is api.apple-cloudkit.com Response is <NSHTTPURLResponse: 0x600003b85ba0> { URL: https://api.apple-cloudkit.com/database/1/com.apple.gk.ticket-delivery/production/public/records/lookup } { Status Code: 200, Headers { Connection = ( "keep-alive" ); "Content-Encoding" = ( gzip ); "Content-Type" = ( "application/json; charset=UTF-8" ); Date = ( "Mon, 26 Feb 2024 15:34:15 GMT" ); Server = ( "AppleHttpServer/78689afb4479" ); "Strict-Transport-Security" = ( "max-age=31536000; includeSubDomains;" ); "Transfer-Encoding" = ( Identity ); Via = ( "xrail:st53p00ic-qujn15041902.me.com:8301:24R11:grp60,631194250daa17e24277dea86cf30319:59e17ac665e1de7388b8f4e69e92e383:defra2" ); "X-Apple-CloudKit-Version" = ( "1.0" ); "X-Apple-Edge-Response-Time" = ( 99 ); "X-Apple-Request-UUID" = ( "9fc0fe2d-49fd-4e74-b718-660c56edb3bb" ); "X-Responding-Instance" = ( "ckdatabasews:16306401:st42p63ic-ztfb05112901:8807:2409B432:afc827b7b1ebf24829e9c4856d4b69205f23804f" ); "access-control-expose-headers" = ( "X-Apple-Request-UUID,X-Responding-Instance,Via" ); "x-apple-user-partition" = ( 63 ); } } Size of data is 165 JSON Response is: { records = ( { reason = "Record not found"; recordName = "2/2/dd018313b1c574a403f01dccc96c21705987d76c"; serverErrorCode = "NOT_FOUND"; } ); } CloudKit query for myApp.dmg (2/dd018313b1c574a403f01dccc96c21705987d76c) failed due to "Record not found". Could not find base64 encoded ticket in response for 2/dd018313b1c574a403f01dccc96c21705987d76c The staple and validate action failed! Error 65 What does this show? Thank you.

Hello! I'm dealing with a strange code signing issue which is preventing me from distributing a game through Steam. I'm able to sign and notarise the app in Xcode without any issues. I can verify that the app and all frameworks in /Contents/Frameworks/ are signed, and Gatekeeper allows the app to run without complaining. $ spctl --assess -vvv ~/Temp/CodeSigningTest/GoodApp.app /Users/ruairi/Temp/CodeSigningTest/GoodApp.app: accepted source=Notarized Developer ID origin=Developer ID Application: Ruairi Dorrity (3F97UA4BF8) $ codesign --verify -vvv ~/Temp/CodeSigningTest/GoodApp.app --prepared:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/ogg.framework/Versions/Current/. --validated:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/ogg.framework/Versions/Current/. --prepared:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/mpg123.framework/Versions/Current/. --validated:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/mpg123.framework/Versions/Current/. --prepared:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/libmodplug.framework/Versions/Current/. --validated:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/libmodplug.framework/Versions/Current/. --prepared:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/freetype.framework/Versions/Current/. --validated:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/freetype.framework/Versions/Current/. --prepared:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/Lua.framework/Versions/Current/. --validated:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/Lua.framework/Versions/Current/. --prepared:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/vorbis.framework/Versions/Current/. --validated:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/vorbis.framework/Versions/Current/. --prepared:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/OpenAL-Soft.framework/Versions/Current/. --validated:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/OpenAL-Soft.framework/Versions/Current/. --prepared:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/theora.framework/Versions/Current/. --validated:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/theora.framework/Versions/Current/. --prepared:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/love.framework/Versions/Current/. --validated:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/love.framework/Versions/Current/. --prepared:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/SDL2.framework/Versions/Current/. --validated:/Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/SDL2.framework/Versions/Current/. /Users/ruairi/Temp/CodeSigningTest/GoodApp.app: valid on disk /Users/ruairi/Temp/CodeSigningTest/GoodApp.app: satisfies its Designated Requirement However, if I zip the app and upload it to Steam, the app that the Steam client downloads is blocked by Gatekeeper ("damaged and can't be opened") and re-running the above commands shows that the code signing seal has been broken somehow on the downloaded app: $ spctl --assess -vvv ~/Temp/CodeSigningTest/BadApp.app /Users/ruairi/Temp/CodeSigningTest/BadApp.app: cannot find code object on disk $ codesign --verify -vvv ~/Temp/CodeSigningTest/BadApp.app /Users/ruairi/Temp/CodeSigningTest/BadApp.app: code object is not signed at all In subcomponent: /Users/ruairi/Temp/CodeSigningTest/BadApp.app/Contents/Frameworks/love.framework The second command can be re-run, showing a seemingly random framework from /Contents/Frameworks/ each time e.g. $ codesign --verify -vvv ~/Temp/CodeSigningTest/BadApp.app /Users/ruairi/Temp/CodeSigningTest/BadApp.app: code object is not signed at all In subcomponent: /Users/ruairi/Temp/CodeSigningTest/BadApp.app/Contents/Frameworks/ogg.framework Further investigation shows that these frameworks are now unsigned, when they were signed before uploading and downloading: $ codesign --verify -vvv ~/Temp/CodeSigningTest/BadApp.app/Contents/Frameworks/ogg.framework /Users/ruairi/Temp/CodeSigningTest/BadApp.app/Contents/Frameworks/ogg.framework: code object is not signed at all $ codesign --verify -vvv ~/Temp/CodeSigningTest/BadApp.app/Contents/Frameworks/love.framework /Users/ruairi/Temp/CodeSigningTest/BadApp.app/Contents/Frameworks/love.framework: code object is not signed at all ... $ codesign --verify -vvv ~/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/ogg.framework /Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/ogg.framework: valid on disk /Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/ogg.framework: satisfies its Designated Requirement $ codesign --verify -vvv ~/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/love.framework /Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/love.framework: valid on disk /Users/ruairi/Temp/CodeSigningTest/GoodApp.app/Contents/Frameworks/love.framework: satisfies its Designated Requirement I'm stumped as to what's happening here. Is is possible that the app is being modified being the scenes by Steam, which breaks the code signing? This seems unfathomable because it would surely break code signing on every Mac game on Steam, but I really can't understand what else would be going on. I'm sure I need to expand my knowledge on code signing; any pointers, suggestions or assistance is greatly appreciated! Thank you!

I am migrating my project from Xcode 13 to Xcode 14.3.1. My project has five subproject that contains few command line toll and dylibs. I have a custom build script that runs on VSO pipeline. Pipeline failing on 'building submodules and build App' stage. This is my build script snapshot- Pipeline only build my application successfully when I am passing 'CODE-SIGN-REQUIRED' ='NO' But I need a signed build for further action. Please help me how can I get a signed build. Note - Using same certificate I am able to build, run and archive app in my Xcode.

I recently inherited a project to port an app bundle to arm64, and some of the design decisions in the app bundle are undocumented. I'd like to structure the bundle as canonically as possible, to minimize future problems as much as possible. In particular, there are two areas where I would like some clarification. I have read all of eskimo's guides (what a godsend!), but have not been able to find an explanation for these yet. We have some helper executables that allow us to run jobs in the background, etc... Historically, these have always been in Contents/Resources, for some reason; that seems to be a bad idea. I have seen conflicting advice suggesting to use Helpers or just MacOS. What are the advantages or disadvantages of using each folder? Would dumping all the executables in MacOS be an adequate solution and, if not, why should I use Helpers? Our app contains "compiled extensions" in Contents/SharedSupport, which consist of small intel-based apps (with their own app bundle) that our app can interact with. They are supposed to be a demo of extensions that the users could code and compile themselves, thus justifying their location. Should these be signed in any special way? Our app used to employ the --deep flag for code signing, but following eskimo's guidelines I have removed that, and it is not clear to me how these should be signed. Thank you.

Hello, I'm running into an issue when code signing my .app file on macOS. After introducing the --entitlements flag, I'm encountering an error that prevents the app from launching: Error Messages: App UI: "Cannot open the file" Terminal (using open file.app) The application cannot be opened for an unexpected reason, error=Error Domain=RBSRequestErrorDomain Code=5 "Launch failed." UserInfo={NSLocalizedFailureReason=Launch failed., NSUnderlyingError=0x60000216d620 {Error Domain=NSPOSIXErrorDomain Code=153 "Unknown error: 153" UserInfo={NSLocalizedDescription=Launchd job spawn failed}}} Troubleshooting Details: Without code signing, the app launches and permission pop-ups function correctly (the file tauri generates). With code signing (but without --entitlements), the app launches but there are no permission pop-ups. All scenarios (without signing, with signing, with signing + --entitlements) all have Info.plist in the /Contents of the .app file Notarizing and stapling works fine when I do not include the --entitlements flag when signing. Code for signing with entitlements: codesign --timestamp --sign "Developer ID Application: ()" --options=runtime --entitlements ./src-tauri/Info.plist "${APP_FILE}" Specifications MacBook Air, M2, 16GB macOS Sonoma 14.3.1 Xcode 15.2 (Build version 15C500b)

I am facing a problem in electron's apps notarisations. I have submitted my NodeJS code and the validations takes a long time. Hope, anyone can clarify why it takes so long.

Relevant background: WWDC23: Get started with privacy manifests WWDC23: Verify app dependencies with digital signatures Upcoming third-party SDK requirements Many of the SDKs that will require privacy manifests and signatures are distributed as source and integrated via Swift Package Manager. I recently studied the progress made by ~10 of the listed SDKs and it seems like there's a growing consensus that the solution to including a privacy manifest when distributing via source is to list the manifest as a bundled resource. However, I've seen little discussion of the signing requirement. This is understandable since, as the forum post Digital signatures available for Swift Packages? points out, the dependency signing talk was focused on binaries. Yet, I'm curious whether signing of some kind will actually be required for SDKs distributed as source (e.g. to enable validating the authenticity of the privacy manifest). Clarification on this point would help tremendously as we work to ensure we'll be compliant as soon as the new requirement begins to be enforced.

I've installed the same developer certificate onto three different Macs. When viewed in the keychain (or in Xcode) on one Mac it says its revoked, on another it says its not trusted, but on a third there's no issue reported. How could there be a difference between the three Macs? (Both Macs have the date/time set to be the same). Can 3rd party software, VPNs etc. interfere in this at all?

Hello everyone, Due to a change in our development team we had to revoke some certificates and regenerate new one. I have generated a Development Mobile profile including needed certificates etc. Also, in Xcode 15 i have disabled "automatically manage signing" and everything look okay as I can see the generated provisioning profile, my team, my certificate etc. Build is working correctly. We are using App Center as a CI to build/archive.. our iOS app. During the last step of the archive export I have the following error which I cannot resolve : [command]/usr/libexec/PlistBuddy -c Print CFBundleIdentifier /Users/runner/work/1/output/build/archive/OurStagingApp.xcarchive/Products/Applications/OurStagingApp.app/Info.plist com.OurStagingDomain.OurStagingApp [command]/usr/libexec/PlistBuddy -c Add provisioningProfiles:com.OurStagingApp.OurStagingApp string toktokdoc provisioning profile development _XcodeTaskExportOptions.plist [command]/usr/bin/xcodebuild -exportArchive -archivePath /Users/runner/work/1/output/build/archive/OurStagingApp.xcarchive -exportPath /Users/runner/work/1/output/build/export/_XcodeTaskExport_OurStagingApp -exportOptionsPlist _XcodeTaskExportOptions.plist 2024-02-08 14:21:05.218 xcodebuild[18640:56463] [MT] IDEDistribution: -[IDEDistributionLogging _createLoggingBundleAtPath:]: Created bundle at path "/var/folders/r0/ztvld9wd66bfpv_g6h3ksl000000gn/T/OurStagingApp_2024-02-08_14-21-05.213.xcdistributionlogs". 2024-02-08 14:21:05.370 xcodebuild[18640:56463] [MT] IDEDistribution: -[IDEDistributionMethodManager orderedDistributionMethodsForTask:archive:logAspect:]: Error = Error Domain=IDEDistributionMethodManagerErrorDomain Code=2 "Unknown Distribution Error" UserInfo={NSLocalizedDescription=Unknown Distribution Error} error: exportArchive: exportOptionsPlist error for key "method": expected one of {}, but found development Error Domain=IDEFoundationErrorDomain Code=1 "exportOptionsPlist error for key "method": expected one of {}, but found development" UserInfo={NSLocalizedDescription=exportOptionsPlist error for key "method": expected one of {}, but found development} ** EXPORT FAILED ** ##[error]Error: /usr/bin/xcodebuild failed with return code: 70 I tried to regen certificates, regen provisioning profile, use automatically signed.. Also this is the logs of the last working build : DEV PROV PROFILE TokTokDocRCX [command]/bin/rm -f _xcodetasktmp.plist [command]/usr/libexec/PlistBuddy -c Print CFBundleIdentifier /Users/runner/work/1/output/build/archive/OurStagingApp.xcarchive/Products/Applications/OurStagingApp.app/Info.plist com.OurDomain.OurStagingApp [command]/usr/libexec/PlistBuddy -c Add provisioningProfiles:com.OurDomain.OurStagingApp string DEV PROV PROFILE TokTokDocRCX _XcodeTaskExportOptions.plist [command]/usr/bin/xcodebuild -exportArchive -archivePath /Users/runner/work/1/output/build/archive/OurStagingApp.xcarchive -exportPath /Users/runner/work/1/output/build/export/_XcodeTaskExport_OurStagingApp -exportOptionsPlist _XcodeTaskExportOptions.plist 2023-08-02 11:20:01.234 xcodebuild[19044:64264] [MT] IDEDistribution: -[IDEDistributionLogging _createLoggingBundleAtPath:]: Created bundle at path "/var/folders/cn/nkrr6l5n0jz01kq9jbtb9tg00000gn/T/OurStagingApp_2023-08-02_11-20-01.233.xcdistributionlogs". Exported OurStagingApp to: /Users/runner/work/1/output/build/export/_XcodeTaskExport_OurStagingApp ** EXPORT SUCCEEDED ** I have replaced some logs with "OurStagingApp". Also when trying to build the archive via xcode 15 the button validate is disabled. In my podfile: target.build_configurations.each do |config| config.build_settings['ENABLE_BITCODE'] = 'NO' config.build_settings['CODE_SIGNING_ALLOWED'] = 'NO' config.build_settings['IPHONEOS_DEPLOYMENT_TARGET'] = '14.0' config.build_settings['BUILD_LIBRARY_FOR_DISTRIBUTION'] = 'YES' config.build_settings['SKIP_INSTALL'] = 'NO' end Thanks for your help

When we added a com.apple.developer.associated-domains entitlement to our apps, they crash on launch with a code signing error on our old 2011 Mac running 10.13.6 High Sierra. The signature is accepted on current Macs, and the associated domains do work. The command line utilities say everything is ok, the entitlement is in the signature and the embedded profile. The apps will run fine on High Sierra without the entitlement. The only guess I have is perhaps High Sierra is rejecting any unknown entitlement? The error is Code has restricted entitlements, but the validation of its code signature failed. Unsatisfied Entitlements: No Unsatisfied Entitlements are listed. Removing the entitlements from the signature lets the apps run on High Sierra.

Xcode Cloud succeeds in building the Release configuration of the app, but whenever deployment preparation is set to "TestFlight and App Store" the last step fails with: ITMS-90035: Invalid Signature. Code failed to satisfy specified code requirement(s). The file at path “{AppName}.app/{AppName}” is not properly signed. Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose “Clean All” in Xcode, delete the “build” directory in the Finder, and rebuild your release target. For more information, please consult https://developer.apple.com/support/code-signing. When I build for release (with manual signing) everything works as expected and uploading to TestFlight for external testing works. I have tried to removed every imported framework, library, file etc. only keeping the bare minimum and still Xcode Cloud fails with the same error. I even created a new empty project but I still get the same error. My only guess is that something is off with the automatically generated certificates (or provisioning profiles) that Apple creates. Is there any way to figure out what specifically makes the signing fail? Is there a way to reset Xcode Cloud to clear all data and caches, revoke all certificates and remove all accosiated provisioning profiles?

Hi, I have create a universal app then did this: https://support.apple.com/en-vn/guide/apple-business-essentials/axm20c32e0c6/web But this doesn't produce a working package installer. productbuild --sign "3rd Party Mac Developer Installer: ****" --component /Applications/MyApp.app MyApp-universal.pkg Do I need to create a code signature with codesign, prior to call productbuild? regards, Joël

What are the file differences between the IPA I created with Xcode, uploaded to the App Store, and the one downloaded to the end user's phone? Does any process other than encryption, re-signing, and app thinning cause changes in these files?

Learn how code signing uses certificates to identify code authors. View Technote TN3161 >

It requires a provisioning profile, and while I have one, I cannot select it within Signing & Capabilities since it is empty. On blank projects it works as intended, but whenever the Unity stuff gets imported, it just disappears entirely, making it impossible to export Unity Titles to visionOS.

Hello, Im currently having signing issues submitting my Swift macOS app to App Store Connect. After submitting it using Xcode I receive an e-mail with these issues: ITMS-90238: Invalid Signature - The main app bundle CodeMenu at path CodeMenu.app has following signing error(s): nested code is modified or invalid . Refer to the Code Signing and Application Sandboxing Guide at http://developer.apple.com/library/mac/#documentation/Security/Conceptual/CodeSigningGuide/AboutCS/AboutCS.html and Technical Note 2206 at https://developer.apple.com/library/mac/technotes/tn2206/_index.html for more information. ITMS-90238: Invalid Signature - The nested app bundle CodeMirror-SwiftUI at path CodeMenu.app/Contents/Frameworks/CodeMirror-SwiftUI.framework has following signing error(s): valid on disk /Volumes/workspace/app_data/SWValidationService/mz_15562079435119469448dir/mz_7860448159412669971dir/id.thedev.marcin.CodeMenu.pkg/Payload/CodeMenu.app/Contents/Frameworks/CodeMirror-SwiftUI.framework/Versions/A: does not satisfy its designated Requirement /Volumes/workspace/app_data/SWValidationService/mz_15562079435119469448dir/mz_7860448159412669971dir/id.thedev.marcin.CodeMenu.pkg/Payload/CodeMenu.app/Contents/Frameworks/CodeMirror-SwiftUI.framework/Versions/A: explicit requirement satisfied . Refer to the Code Signing and Application Sandboxing Guide at http://developer.apple.com/library/mac/#documentation/Security/Conceptual/CodeSigningGuide/AboutCS/AboutCS.html and Technical Note 2206 at https://developer.apple.com/library/mac/technotes/tn2206/_index.html for more information. ITMS-90238: Invalid Signature - The nested app bundle iosMath at path CodeMenu.app/Contents/Frameworks/iosMath.framework has following signing error(s): valid on disk /Volumes/workspace/app_data/SWValidationService/mz_15562079435119469448dir/mz_7860448159412669971dir/id.thedev.marcin.CodeMenu.pkg/Payload/CodeMenu.app/Contents/Frameworks/iosMath.framework/Versions/A: does not satisfy its designated Requirement /Volumes/workspace/app_data/SWValidationService/mz_15562079435119469448dir/mz_7860448159412669971dir/id.thedev.marcin.CodeMenu.pkg/Payload/CodeMenu.app/Contents/Frameworks/iosMath.framework/Versions/A: explicit requirement satisfied . Refer to the Code Signing and Application Sandboxing Guide at http://developer.apple.com/library/mac/#documentation/Security/Conceptual/CodeSigningGuide/AboutCS/AboutCS.html and Technical Note 2206 at https://developer.apple.com/library/mac/technotes/tn2206/_index.html for more information. ITMS-90296: App sandbox not enabled - The following executables must include the 'com.apple.security.app-sandbox' entitlement with a Boolean value of true in the entitlements property list: [[CodeMenu.app/Contents/MacOS/CodeMenu]] Refer to App Sandbox page at https://developer.apple.com/documentation/security/app_sandbox for more information on sandboxing your app. The app has required entitlements enabled, like App Sandbox and Hardened Runtime. I don't know what can be the cause of it, but from what I read I'm guessing that something is somewhere it isn't meant to be and the other issues are a result of it. However, I don't know how can I begin debugging this. thank you in advance.

I'm not able to run my app on my device as Xcode is unable to create a provisioning profile for my app without the paid developer membership. I followed the troubleshooting steps on stack overflow here but to no avail. Any help?