Signed app prompts for keychain password

We were using “3rd Party Mac Developer Application” certificate to sign our app which stores some sensitive data in a separate custom keychain.

The cert got expired on March 7, 2015. We generated a new cert from the same account and signed the updated version on the app. But, now the system prompts for keychain password.


We are using the following command to sign the app from command line :


codesign --sign "3rd Party Mac Developer Application: ******” --force --keychain <keychain-name> --verbose <appname>


For both the latest version and old version of the app, codesign verification passes but spctl is rejected.


We generate the keychain password at runtime using some system parameters, which we cannot ask the customer to type in the permission prompt.


Please suggest some solution to avoid the UI-prompt asking the keychain password.

Signed app prompts for keychain password
 
 
Q