Signing Certificates

A signing certificate is a digital identity used for code signing during the build and archive process.

Posts under Signing Certificates tag

162 Posts

Post

Replies

Boosts

Views

Activity

Issues while signing macOS app
Hi everyone! We used to have an Intel Mac machine where we generated the Developer ID Installer & Application certs for the signing and notarization process. This process works sweet. Now we have moved from an Intel to an M1 Mac machine, where we want to do the same process as before. I have tried two different approaches, but ended up with the same result.
1. I exported the cert with the private key from my Intel to the M1 machine, but when I try to sign, I get: Invalid signature. (Not sure what this error means in this case, as everything works on the Intel machine. I am guessing the cipher for creating either the private key or the signature differs between the architectures.)
2. I tried to generate new certs for this M1 machine, but I get the following error: You already have a current Developer ID installer certificate or a pending certificate request. I tried with the same account, but also with a different account. In both cases I got the same error.
I created a ticket for Apple, where they said to expect a reply between one and two business days, but no luck yet.
7
0
381
May ’24
Provided Distribution Certificate is no longer valid on Apple's server
I'm trying to build my Expo app. I already built it for Android, but now I'm struggling to create a release on iOS to upload to TestFlight. I have the Apple developer account of my university, and they added our bundle ID there (I'm not an admin). When I try to build with EAS, it requires a p12 file. So, I tried to generate it in this way:
1. From Keychain Access I created a CSR (by adding my mail and name) and then on Apple Developers I uploaded it (Certificates > +), so I downloaded a .cer file.
2. I opened the .cer in Keychain Access and dragged it under the "login" section.
3. From there I exported the p12 file.
But that p12 always gives me this error when I run npx eas build --platform ios: Provided Distribution Certificate is no longer valid on Apple's server, after submitting the p12 file on the EAS console. Can someone help us? Thanks in advance for your availability :)
1
0
363
May ’24
Error in signing installers using Apple Developer ID Installer Certificate
Hi, I have been using a Developer ID Installer Certificate to sign my installer packages for a long time now. Recently, the sign command started giving me an error: Error - Certificate is expired or not yet valid. Please check certificate validity. The certificate itself is valid till 2025, so I am confused about the issue. To get a clearer understanding, I created a new certificate by following the instructions in this link:
https://developer.apple.com/help/account/create-certificates/create-developer-id-certificates
However, when I try to use this to sign my installer package, I get the following error: Unable to build a valid certificate chain. Please make sure that all certificates are included in the certificate file. I am using ZXPSignCmd to sign the installers. Hoping for guidance to a quick resolution.
3
0
375
Apr ’24
errSecInternalComponent getting error while executing the xcodebuild command from jenkins
Hi Team, I need your help solving the errSecInternalComponent error which is generated while running an Xcode archive command from Jenkins jobs. Currently using Sonoma-14.4, Xcode-15.2; locally it's working well for both build and archive, but in the case of Jenkins I am unable to get that. I have already given the security unlock commands before the archive stage, but no use.
Commands passed:
    security unlock-keychain -p xxxx /Users/ec2-user/Library/Keychains/login.keychain-db; \
    security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k xxxxx
Please let me know if I have missed any configuration.
Error:
    Signing Identity: "iPhone Distribution: "
    Provisioning Profile: "Notification Content Dist Profile" (ffb7be92-3e65-4be4-b161-07c7f75723f0)
    /usr/bin/codesign --force --sign 1FD10D04940E92C7A212E4A27C1E11D5C3DB12E9 --preserve-metadata\=identifier,entitlements,flags --generate-entitlement-der /Users/ec2-user/Library/Developer/Xcode/DerivedData/ReferenceApp-CardAppSDK-bwgchbllhpzevwgvnuwqvjywfeju/Build/Intermediates.noindex/ArchiveIntermediates/ReferenceApp-CardAppSDK/IntermediateBuildFilesPath/UninstalledProducts/iphoneos/NotificationContentExtension.appex/Frameworks/PushNotificationExtensions.framework
    Warning: unable to build chain to self-signed root for signer "iPhone Distribution: "
    /Users/ec2-user/Library/Developer/Xcode/DerivedData/ReferenceApp-CardAppSDK-bwgchbllhpzevwgvnuwqvjywfeju/Build/Intermediates.noindex/ArchiveIntermediates/ReferenceApp-CardAppSDK/IntermediateBuildFilesPath/UninstalledProducts/iphoneos/NotificationContentExtension.appex/Frameworks/PushNotificationExtensions.framework: errSecInternalComponent
Please help on this ASAP.
3
0
381
Apr ’24
Ambiguous "Apple Developer" certificate for macOS
I have an Xcode project (generated from Qt) which is signed by a post-processing script. It uses the invocation:
    codesign -o runtime --sign "$(CODE_SIGN_IDENTITY)"
CODE_SIGN_IDENTITY is set to "Apple Development" in the Build Settings for the target. The signing step fails with this complaint:
    Apple Development: ambiguous (matches "Apple Development: <my name> (an ID)" and "Apple Development: <my company email> (another ID)" in login.keychain-db)
It is true, I do have two Apple Development certificates. I thought one is for personal development (when you pick the personal team) and the other for company development (when I pick the company team). I have other Xcode projects (built "by hand") which have CODE_SIGN_IDENTITY set to "Apple Development" and with Automatic signing turned on, and they build just fine, even though I have two certificates with common names beginning "Apple Development". However, when I look at the build log of those regular Xcode projects, which are signed by Xcode rather than in a post-processing script, the Signing step logs this:
    Signing Identity: Apple Development: (an ID)
not simply "Apple Development". Xcode seems to have resolved the ambiguity all on its own before calling codesign. It then calls codesign using the hash of the certificate as its identifier. How can I emulate Xcode's behavior here? The post-processing script runs on different developers' machines - they all have multiple "Apple Development" certificates, and they are all different from one another.
3
0
472
Apr ’24
SDK framework signing certificate expiration
Since 2023 Apple have strongly suggested signing XCFrameworks to verify their origins. This has worked perfectly fine for the last year. Seeing that our certificate was about to expire, we revoked it and created a new one which we will use to sign all future releases. However, because that first certificate has been revoked, all previous releases of our XCFramework now have invalid signatures because the certificate they used no longer exists. While an update to the latest XCFramework would solve the issue, that's not always a possibility for people with lower minimum deployment targets that can only run an older version of our XCFramework. In the WWDC video on the topic it states: "When the xcframework author's signing certificate expires, Xcode is able to automatically validate that a new certificate for Apple Developer Program identities is from the same developer." Does this mean that if we had not pre-empted the expiry and instead let the certificate expire, we wouldn't have this backwards compatibility issue? The course of action we've had to take is to manually go through all of our releases for the last year and re-sign them with the latest certificate. This doesn't seem like a tenable solution each year. Looking for guidance on how to manage this situation each year.
4
0
532
Apr ’24
key not found in keychain error when debugging on local device connected to my windows dev machine
I made some changes to my MAUI app in VS 2022 on Windows 11. I had no trouble testing my app on a locally connected iPhone before, but now when I try to debug the same app (with changes), on the same iPhone, and the same Windows machine, with the same valid certificates in the VS Apple Accounts Details, I get this error: iOS code signing key 'Apple Development: B... (...)' not found in keychain. Why is it even referring to the keychain when I'm on a Windows machine using VS2022 valid certificates in the VS Apple Accounts Details? Also, I'm getting the "MSB6006: 'codesign' exited with code 3." error when trying to test/debug on a remote Mac machine.
1
0
382
Apr ’24
Developing for just myself
I know there are quite a few costs and licenses required to post apps to the App Store. I am interested in only developing apps for my own phone to see if this is something I want to venture into. Is there a way (or online resources) that allows me to develop just for myself and install on my phone to experiment with? It does not make much sense if I have to purchase a developer license and all the other requirements if I am just experimenting, and being limited solely to the Xcode simulator is only half the experience. Thoughts? Any help would be appreciated.
2
0
370
Apr ’24
One app Multi-platform. The concern of a novice developer
Hello. Currently, only the iOS version is on sale on the App Store. The application offers an iCloud-linked, auto-renewable subscription. I want to sell on App Store Connect with the same identifier, App ID, at the same time. I simply added visionOS to the existing app project to provide the visionOS version early, but the existing UI-related code and the location-related code are not compatible. We used the same identifier with the same name, duplicated and optimized only what could be implemented, and created it without any problems on the actual device. However, when I added the visionOS platform to App Store Connect and tried to upload it through the archive in the app for visionOS that I created as an addition, there was an error in the identifier and provisioning, so the upload was blocked. The result of looking up how to solve the problem:
1. App Group - I found out about the function, but it was judged that a separate app was for an integrated service, so it was not suitable for me.
2. Add an app to an existing app project via a target and manually adjust the platform in Xcode -> Build Phases -> Compile Sources -> Archive upload success? (I haven't been able to implement this stage of information yet.)
I explained the current situation. Please give me some advice on how to implement it. visionOS has a lot of constraints, so you need to take a lot of features off.
0
0
358
Mar ’24
Problems post factory reset of Mac ( Xcode )
Hi, I have had severe malware issues recently and need to factory reset my Mac. I may have to reinstall the OS as well in case it has a root-kit. This means I cannot use any standard backups (Time Machine etc.) and will manually recreate my user setup on the Mac. Will reinstalling Xcode and downloading signing certificates from my developer account work? Are there other things to consider? I will recreate my user (assuming the uid will be the same as well). Has anyone tried this before? What is your experience with it?
3
0
546
Apr ’24
Developer ID certificate missing private key
Hi, I created a Developer ID certificate from my Apple developer account a couple of years ago and downloaded it as a .cer file onto my laptop. Now I want to use this certificate to sign my application, but unfortunately Xcode shows an error message like "Missing Private Key", and I can also see that there is no private key under my Developer ID certificate (there is no grey arrow to expand to see the private key) in Keychain Access. Moreover, my developer account is expired and I do not want to extend it yet, so unfortunately no solutions with the Apple developer account will work, like creating a new certificate etc. Do you have any other solutions, like using Keychain Access or Xcode to link my private key again to my Developer ID certificate?
Note:
1- The .cer file was created on my laptop by me, which I am using now. So I would expect that the related private key should already exist in my Keychain Access (if I did not delete it mistakenly), but I do not know which private key is the relevant one; I have several of them.
2- I also have a CertificateSigningRequest.certSigningRequest file which was copied near my .cer file. Maybe it could be useful for a solution?
3- No! Unfortunately I do not have any .p12 file.
4- I had already installed the current AppleWWDRCAG3 file before I imported my .cer file into my Keychain Access tool.
5- Get Info shows that my cer file is still valid till Sep 2025.
6- I have already restarted my Xcode and laptop.
7- I tried all solutions here: https://stackoverflow.com/questions/12867878/missing-private-key-in-the-distribution-certificate-on-keychain
8- https://developer.apple.com/account/resources/ shows me no certificate, with the reason that my membership expired.
9- I removed and re-added my Apple account in Xcode. The same error occurred.
Xcode: Version 15.3 (15E204a)
OS: macOS Sonoma 14.2.1
Thanks a lot in advance.
1
0
695
Mar ’24
Default Role Settings Prevent use of Developer ID Certificates
Hi All, We use a small group of Mac mini units running VMs for our Apple CI system. Since you can't log in to an Apple ID on an Apple Silicon VM, we wanted to use an App Store Connect API token to handle all the authentication for us. In the past this has not worked but I wanted to see if it could now. The answer is no, you can not use an API token with Developer ID Cloud certificates. The reason is that, even on an Admin role token, the DevID certificates are not enabled by default. When you are using an Apple ID this is no big deal as you can check the box to allow access, but with tokens they are minted with only the default settings for the role. This means that the option for Access to Cloud Managed Developer ID Certificates is always disabled and you can't enable it. If we could continue logging in with an Apple ID we could stumble along with that still, but even this ability is gone on AS VMs. Right now this pretty much means that we either give up on using stateless VMs to build or we go back to manually managing all of our code signing materials. The longer term solution would be to move to Xcode Cloud, but that will take us quite some time. I filed FB13687073 to see if there is any way to create a token that can use this checkbox.
0
0
438
Mar ’24
Cannot find duplicate root CA for development Safari claims to have
I use three Macs for development of a web application. On each of the Macs (macOS 14.4) I used mkcert to install a local CA and to issue developer certificates (all separately). Accessing the web app with https://localhost:8080 works fine on two Macs with all browsers, but on one Mac Safari claims to have another root CA for localhost which it does not trust. And I cannot override the trust settings. Using Keychain Access I do not find this certificate. Safari shows it like this: Scrolling down I can see DNS Names localhost, localhost.localdomain and lvl.me, so I suspect it is a leftover from trying to install a root CA before using mkcert. The mkcert certificate looks like this and I can see it in the System keychain: So Safari complains and I cannot tell it to trust the server certificate as the CA does not fit (I think). Firefox and Chrome open the website just fine after warning me and me telling them to do so. I tried to find the wrong CA using Keychain Access and Terminal (security find-certificate -a -c localhost, security find-certificate -a -c lvh...) but in vain. Where can I find this certificate and how can I delete it?
2
0
481
May ’24
Development Certificate to Admin not Acc Holder
Hey there! I was invited to be admin to a new developer account and it seems like admins cannot create dev certificates anymore. I already have a personal account and I was invited to the new team, but Xcode can't find my new team, it's showing the personal team only. Can I create a request or something so the account holder can create a dev certificate and give it to me so I can develop on my MacBook with my own account? Thanks!
1
0
317
Mar ’24
Codesign fails when executed in CI runner
Hello, I am setting up a build (GitLab CI/CD) runner. I created a keychain and imported the certificate and my signing key.
    $ security find-identity -v
    XXXXXX "Developer ID Application: XXXXXX, INC. (XXXXXX)" (CSSMERR_TP_NOT_TRUSTED)
    1 valid identities found
    $ security find-identity -p codesigning -v
    XXXXXX "Developer ID Application: XXXXXX, INC. (XXXXXX)"
    1 valid identities found
Codesign fails with:
    unable to build chain to self-signed root for signer "Developer ID Application: XXXXXX, INC. (XXXXXX)"
    errSecInternalComponent
On the local machine everything is fine. I think the point is that the identity is both valid and CSSMERR_TP_NOT_TRUSTED. What can I do about it?
1
0
376
Mar ’24