I've got a Developer ID Application certificate - however when I open the details in KeyChain it tells me "Developer ID Application XXXXXXX certificate is not trusted"
When I try signing my code with this certificate, using
codesign -s MY_CERTIFICATE_NAME -v --deep --timestamp --entitlements entitlements.plist -o runtime "path/to/MyApp.app" --force
I get
Warning: unable to build chain to self-signed root for signer MY_CERTIFICATE_NAME
It does work when I use another certificate - one that is trusted (however with that other certificate, I get problems in notartizing, apparently because it is an "Apple Development" certificate and not a "Developer ID Application" certificate).
How can I make my certificate trusted?
All online advice I can find online doesn't help:
- Find any other certificates and change their trust settings from "Always Trusted" to "Use System Defaults" (however they all are on "Use System Defaults" already).
- Adding intermediate signing certificates to KeyChain as in - https://stackoverflow.com/a/66083449/851699 - I've tried this, and my problem persists.