I'm trying to migrate the scripts that build my application from an Intel Mac running Mojave (Xcode 10.3) to an M1 Mac running Big Sur (Xcode 12.5.1).
On the M1 Mac, codesign triggers a pop up a window asking for an admin username/password each time it signs something. This happens whether it is invoked via a script or directly in Terminal. The pop-up appears twice when signing a Universal binary, once when signing a single-architecture binary.
The popup says:
macOS wants to make changes. Enter an adminstrator's name and password to allow this.
macOS wants to use the "System" keychain.
and it has a "Deny" button and an "Allow" button, but not an "Always Allow" button. (Another issue: the username is not pre-populated, even though I am logged in as an admin.)
My "Developer ID Application" certificate is stored in my login keychain, as is the "Apple Worldwide Developer Relations Certification Authority" certificate, which expires 2030-02-19.
The "System" keychain contains an "Apple Application Integration Certification Authority" certificate expiring 2026-10-20. (Another issue: that certificate can't be deleted!)
Suggestions?