Context: large platform-agnostic CLI tool built as a handcrafted bundle (not via an Xcode project) that has been successfully codesigned, stapled, and zipped; macOS 14.7.5 syspolicy_check reports App passed all pre-distribution checks and is ready for distribution. However, running the executable in the Terminal produces a "cannot be opened because the developer cannot be verified" popup. The executable does succeed after manually clearing its quarantine attribute. Having worked through Resolving Gatekeeper Problems, the only detail logged in the Console is Adding Gatekeeper denial breadcrumb (direct): ... bundle_id: NOT_A_BUNDLE. Experimental observations: a minimized trivial CLI executable with a similar bundle layout and name successfully executes without being rejected, and oddly, renaming the original bundle from "name" to "name.suffix" allows it to be successfully executed. It's unclear why the bundle name would affect Gatekeeper only in some circumstances, and we'd greatly prefer not to rename the bundle for compatibility reasons, so it would be good if there were some way to get further diagnostic detail leading to a workaround - thank you.

Hi, I am working on a personal HIDDriverKit project. The documentation suggests that you do not need the entitlements from Apple to do local development - that all you need to do is turn of SIP, enable developer mode, and turn signing to "Sign to Run Locally". However, I have followed all of these steps, and am still running into the error that to build, I need to have a provisioning profile with the DriverKit (development) feature (MacOS 15.2 Xcode 16.2). Am I missing something here regarding the steps for local development? Does one need to request a development version of the entitlements even for local development? Do I need a paid developer account to do this? Thank-you in advance.

On MacOS, I know that App Groups (com.apple.security.application-groups) do not require a provisioning profile. I was wondering if it's possible to sign them "ad hoc" and have it work? So maybe use a random TEAMID prefix and have it work? I would only need the app to work locally (for testing), not be distributed in that fashion, of course.

I am currently having issues uploading my app to appstoreconnect.apple.com/notary/ for notarization. It times out after hanging for a while. I get the following error. 13:42:04 "LocalDataTask <D84AED32-B05B-4439-8BDC-40C0F89B89F1>.<1>" 13:42:04 ), NSLocalizedDescription=The request timed out., NSErrorFailingURLStringKey=https://appstoreconnect.apple.com/notary/v2/asp?, NSErrorFailingURLKey=https://appstoreconnect.apple.com/notary/v2/asp?, _kCFStreamErrorDomainKey=4})

In the LightweightCodeRequirements framework, there is a LaunchCodeRequirement object which can be used as a requirement object for a Process for example. What I don't understand (I admit my macOS low-level knowledge is limited) is that how can this be used in a secure way that doesn't fall victim of a Time-of-Check/Time-of-Use issue. e.g. I specify a LaunchCodeRequirement via Process.launchRequirement for my process, let's say /usr/local/bin/mycommandlinetool. The LaunchCodeRequirement specifies my development team and a developer ID certificate. The process must be started in some form, before a SecCode/SecTask object can be created, rather than a SecStaticCode object (which only guarantees its validity checks to be intact as long as the file is not modified). But if the process was started, then I have no tools in my set to prevent it from executing its initialization code or similar. Then, by the time I'm able to check via SecCode/SecTask functions the LaunchCodeRequirement, I might have already ran malicious code - if mycommandlinetool was maliciously replaced. Or does the operating system use a daemon to copy the executable specified for Process to a secure location, then creates the SecStaticCode object, assesses the LaunchCodeRequirement and if passed, launches the executable from that trusted location (which would make sure it is immutable for replacement by malicious actors)? I have a hard time understanding how this works under the hood - if I remember correctly these are private APIs.

I am subscribed to an individual developer license. https://developer.apple.com/documentation/xcode/configuring-network-extensions "Network Extension" does not appear in the Capability section in Xcode. Below is my Xcode screenshot.

Coming from Windows, I'm finding Mac app packaging farcically complicated, to the level of a Python sketch. I mastered Windows packaging, via Inno, in an hour or so, but it has taken me, on and off, the best part of a week to get to the point I am at with the Mac OS, and I'm nowhere near finished (rather, it hasn't finished with me). Every time I surmount one hurdle, another pops up, seemingly just for the jollies. I'm currently stuck at: 'Error: HTTP status code: 403. A required agreement is missing or has expired. This request requires an in-effect agreement that has not been signed or has expired. Ensure your team has signed the necessary legal agreements and that they are not expired.' My account lists no agreements in this category. I understand the need for security, but not the labyrinthine nature of the process. An inner-party member in the former Soviet Union overheard a drunken Stalin say, “I trust no one; not even myself". Apple trusts no one, but has true contempt for developers. Is there a simple way to work through the packaging process? Let me rephrase that: please God, let there be a simpler way of working through the process! Regards, in extremis, Richard

I am running into this error with productbuild in github actions where the program hangs with a specific developer id. I have verified that my certification files are properly uploaded etc. and i am able to run this without the --sign command online and with --sign offline. if i sign with a "3rd party mac developer installer: ***" it will run but then crash on stapling because this isn't the actual org i want to staple and don't really need to verify that i could staple with this other license since it is my personal license and i will be leaving this job soon so setting up all my other certs is a waste of time since it doesn't solve the problem. When i use my bosses/org "Developer ID Installer: ***" productbuild just hangs. I am at a loss here... the acutal command running is productbuild --resources ./resources --distribution distribution.xml --sign "${{ secrets.DEVELOPER_ID_INSTALLER }}" --timestamp "${{ env.ARTIFACT_NAME }}.pkg" I have confirmed that my distribution file is fine etc. because I can productbuild without signing fine. Any suggestions on where to go?

I am trying to package a Filemaker 18 Runtime app. A week ago, I managed to get 90% of the way towards doing as much, using MS Copilot as a guide. Unfortunately, due to my confusion over the landing stage files, I decided to start the process from scratch. This time, I fell at the first stage: Code Signing my .app Bundle. The Terminal command: codesign --deep --force --verify --verbose \ --sign "Developer ID Application: ME (V********)" \ "/Users/Me/Documents/Apps/MyApp/Runtime/MyApp/My App.app" Returned the error: /Users/Me/Documents/Apps/MyApp/Runtime/MyApp/My App.app: bundle format unrecognized, invalid, or unsuitable In subcomponent: /Users/Me/Documents/Apps/MyApp/Runtime/MyApp/My App.app/Contents/Frameworks/FMWrapper.framework No matter how many separate elements within the bundle I sign, I encounter the same error message. A few days ago, the identical command worked first time. I would be obliged for any help you can provide. Thanks.

mac .cer证书不能导出.p12证书 不知道那个步骤出错

Hello, I am normally a windows programmer, but I am trying to get my PySide/Qt app into the app store. I'm almost there, I just have a couple of questions about the signing process. I have two laptops, one intel silicon, one mac silicon. I created 2 CSR's, one on each laptop and used them to generate 2 Mac Installer Distribution certificates and 2 Mac App Distribution certificates. When it came to downloading the provisioning profile, I selected one Mac App Distrbution Certificate on the interface at developer.apple.com, saved it and then downloaded to the appropriate laptop. I then switched the provisioning profile to the other Mac App Distribution Certificate and downloaded it to the other laptop. I then built the app and uploaded everything using xcrun altool. On the intel machine only(which has the first provisioning profile) I successfully uploaded the package but I get an email identifying lots of similar errors of the type (Lets call it error1): ITMS-90284: Invalid Code Signing - The executable XXXXX must be signed with the certificate that is contained in the provisioning profile. On the ARM machine only i get the following error (Lets call it error2): ITMS-91109: Invalid package contents - The package contains one or more files with the com.apple.quarantine extended file attribute, such as XXXXXXXX embedded.provisionprofile”. This attribute isn’t permitted in macOS apps distributed on TestFlight or the App Store. Please remove the attribute from all files within your app and upload again. On both I get the following error lets call it error3: ITMS-90886: 'Cannot be used with TestFlight because the signature for the bundle at XXXXX is missing an application identifier but has an application identifier in the provisioning profile for the bundle. Bundles with application identifiers in the provisioning profile are expected to have the same identifier signed into the bundle in order to be eligible for TestFlight.' My first inclination is that all the error1's are coming from having two sets of CSRs, Mac Distribution certificates, provisioning profiles etc. Should I have only used one CSR and made one each of the Certificates? I don't know why I have error2. I don't know where the quarantine attribute is coming from and why it would affect the mac silicon and not the intel. Any ideas? my entitlements file has the following: <key>com.apple.security.cs.allow-jit</key> <true/> <key>com.apple.security.cs.allow-unsigned-executable-memory</key> <true/> <key>com.apple.security.cs.disable-library-validation</key> <true/> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.device.bluetooth</key> Error3 is the one where I need to try a few things but knowing what is expected will help. In the provisioning profile when viewed at developer.apple.com it has the APP ID listed as the 10 digit id followed by the bundle ID but I sometimes see just the 10 digit app ID being used and sometimes the bundle ID. I know that it's up to me to figure out how to get it into the build, but knowing what it should be would be helpful. On the other hand the text "Bundles with application identifiers in the provisioning profile ..." indicates that if the application identifier was not in the provisioning profile i might get away with it, but this might be grasping at straws. If you have made it this far, thank you for reading.

Hey there, I'm experiencing an issue with notarization of my macOS application, which is blocking a release. We have signing/notarization hooked up to our CI process, both for prior releases as well as development builds (at the trunk tip). The notarization process has typically taken anywhere from a few minutes to a few tens of minutes, but for our most recent release, it's taking an unreasonably long time. I've compiled the submission info for each build (+ reattempted notarizations) below. What's interesting is that the oldest one was accepted- however, it timed out our CI process, so we never actually released it. Subsequent builds are more or less identical in terms of their content, however, they've been stewing in the notarization process for over 13 hours in some cases. % xcrun notarytool info 67413dae-64f5-4372-972d-e0ac158e18e3 Successfully received submission info createdDate: 2025-04-02T16:28:25.999Z id: 67413dae-64f5-4372-972d-e0ac158e18e3 name: Warp Vault.app.zip status: In Progress % xcrun notarytool info 0c72b243-4a8d-4976-a97b-75689d7e2497 Successfully received submission info createdDate: 2025-04-02T05:49:05.861Z id: 0c72b243-4a8d-4976-a97b-75689d7e2497 name: Warp Vault.app.zip status: In Progress % xcrun notarytool info 8e2edfc2-58bc-4b33-bc8e-078155759a81 Successfully received submission info createdDate: 2025-04-02T05:23:28.870Z id: 8e2edfc2-58bc-4b33-bc8e-078155759a81 name: Warp Vault.app.zip status: In Progress % xcrun notarytool info 8fb17b0c-ace4-4b6f-bef8-68d22696814d Successfully received submission info createdDate: 2025-04-02T05:07:48.187Z id: 8fb17b0c-ace4-4b6f-bef8-68d22696814d name: Warp Vault.app.zip status: Accepted At the time of checking, the UTC date was: % TZ="UTC" date Wed Apr 2 18:42:14 UTC 2025 It's interesting to me that the notarization process is taking this long. We've notarized many development builds (with debugging flags enabled) in the time between our last public release and our attempt to notarize this one. What's more, the original build for this release was notarized within the span of about 15 minutes, but subsequent submissions of the same build have hung for tens of hours. My two questions are: How can I get our pending notarizations "unstuck"?, and To prevent these types of hangs in the future, should I also routinely build/sign/notarize non-debug builds of my application during the development process? Best regards and many thanks, Charlton

Hello, my iOS apps are exiting right after launch on a few of our iOS devices. I tried a couple of my apps that are deployed to our fleet and they do the same thing. If I run the app(s) in the Simulator it works fine and if I run the app(s) on the offending devices it works fine as well. Once I stop the run in Xcode the app on the device will not launch. I'm thinking something is missing like a certificate etc. Just not sure. Any ideas on how to troubleshoot this? I would really like to get this fixed.

Hi, I have created a conda python environment which I have packaged into a .tar.gz (using conda-pack) and which runs correctly when extracted (in this example, it only contains the scipy package). However, when I sign the necessary files within the environment (i.e. the binaries, the dylibs, the .so files), attempting to load scipy.sparse now fails with the error "mapped file has no cdhash, completely unsigned" about one of the .so files. Furthermore, I believe that this file does in fact have a cdhash. The signing process represented by my example below has been working for about a year, and I am unsure why it has suddenly stopped working. I am on a 2020 MacBook Pro with an i7 processor and running Sequoia 15.1.1. Here is a minimal example showing the creating of the conda environment, codesigning, and the error message. Many thanks in advance! # Create and activate conda env > conda create -y -n mwe_env python=3.10 > conda activate mwe_env # Verify scipy not initially installed (mwe_env) > python Python 3.10.16 (main, Dec 11 2024, 10:24:41) [Clang 14.0.6 ] on darwin Type "help", "copyright", "credits" or "license" for more information. >>> import scipy Traceback (most recent call last): File "<stdin>", line 1, in <module> ModuleNotFoundError: No module named 'scipy' (mwe_env) > pip install scipy Collecting scipy Downloading scipy-1.15.2-cp310-cp310-macosx_14_0_x86_64.whl.metadata (61 kB) Collecting numpy<2.5,>=1.23.5 (from scipy) Downloading numpy-2.2.4-cp310-cp310-macosx_14_0_x86_64.whl.metadata (62 kB) Downloading scipy-1.15.2-cp310-cp310-macosx_14_0_x86_64.whl (25.1 MB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 25.1/25.1 MB 17.3 MB/s eta 0:00:00 Downloading numpy-2.2.4-cp310-cp310-macosx_14_0_x86_64.whl (7.0 MB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 7.0/7.0 MB 16.4 MB/s eta 0:00:00 Installing collected packages: numpy, scipy Successfully installed numpy-2.2.4 scipy-1.15.2 (mwe_env) > python Python 3.10.16 (main, Dec 11 2024, 10:24:41) [Clang 14.0.6 ] on darwin Type "help", "copyright", "credits" or "license" for more information. >>> import scipy.sparse >>> # success! # Package conda env (mwe_env) > conda-pack --output mwe_env.tar.gz --name mwe_env Collecting packages... Packing environment at '/path/to/my/conda/envs/mwe_env' to 'mwe_env.tar.gz' [########################################] | 100% Completed | 7.8s (mwe_env) > conda deactivate > mkdir mwe_dir && cd mwe_dir > tar -xzvf ../mwe_env.tar.gz > source bin/activate (mwe_dir) > python Python 3.10.16 (main, Dec 11 2024, 10:24:41) [Clang 14.0.6 ] on darwin Type "help", "copyright", "credits" or "license" for more information. >>> import scipy.sparse >>> # success! # Sign the binaries and .dylibs and .so files (mwe_dir) > find bin -type f | xargs -n1 xcrun codesign -f -o runtime --timestamp --sign "Developer ID Application: MY_TEAM_ID" (mwe_dir) > find . -name "*.dylib" -o -name "*.so" -type f | xargs -n1 xcrun codesign -f -o runtime --timestamp --sign "Developer ID Application: MY_TEAM_ID" # the second command prints many lines saying it is "replacing existing signature" (mwe_dir) > python Python 3.10.16 (main, Dec 11 2024, 10:24:41) [Clang 14.0.6 ] on darwin Type "help", "copyright", "credits" or "license" for more information. >>> import scipy.sparse Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/__init__.py", line 315, in <module> from . import csgraph File "/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/csgraph/__init__.py", line 187, in <module> from ._laplacian import laplacian File "/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/csgraph/_laplacian.py", line 7, in <module> from scipy.sparse.linalg import LinearOperator File "/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/linalg/__init__.py", line 134, in <module> from ._eigen import * File "/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/linalg/_eigen/__init__.py", line 9, in <module> from .arpack import * File "/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/linalg/_eigen/arpack/__init__.py", line 20, in <module> from .arpack import * File "/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/linalg/_eigen/arpack/arpack.py", line 50, in <module> from . import _arpack ImportError: dlopen(/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/linalg/_eigen/arpack/_arpack.cpython-310-darwin.so, 0x0002): tried: '/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/linalg/_eigen/arpack/_arpack.cpython-310-darwin.so' (code signature in <5DD8FC01-7360-3DB9-8273-C8A45ABB19A9> '/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/linalg/_eigen/arpack/_arpack.cpython-310-darwin.so' not valid for use in process: mapped file has no cdhash, completely unsigned? Code has to be at least ad-hoc signed.), '/System/Volumes/Preboot/Cryptexes/OS/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/linalg/_eigen/arpack/_arpack.cpython-310-darwin.so' (no such file), '/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/linalg/_eigen/arpack/_arpack.cpython-310-darwin.so' (code signature in <5DD8FC01-7360-3DB9-8273-C8A45ABB19A9> '/path/to/mwe_dir/conda_env/lib/python3.10/site-packages/scipy/sparse/linalg/_eigen/arpack/_arpack.cpython-310-darwin.so' not valid for use in process: mapped file has no cdhash, completely unsigned? Code has to be at least ad-hoc signed.) # But: (mwe_dir) > xcrun codesign -dvvv /path/to/mwe_dir/lib/python3.10/site-packages/scipy/sparse/linalg/_eigen/arpack/_arpack.cpython-310-darwin.so Executable=/path/to/mwe_dir/lib/python3.10/site-packages/scipy/sparse/linalg/_eigen/arpack/_arpack.cpython-310-darwin.so Identifier=_arpack.cpython-310-darwin Format=Mach-O thin (x86_64) CodeDirectory v=20400 size=4318 flags=0x10000(runtime) hashes=129+2 location=embedded Library validation warning=OS X SDK version before 10.9 does not support Library Validation Hash type=sha256 size=32 CandidateCDHash sha256=816731ecd1ad01b38555cbfef8c000628696d0ca CandidateCDHashFull sha256=816731ecd1ad01b38555cbfef8c000628696d0ca53376aebf6fae28d8c02f519 Hash choices=sha256 CMSDigest=816731ecd1ad01b38555cbfef8c000628696d0ca53376aebf6fae28d8c02f519 CMSDigestType=2 CDHash=816731ecd1ad01b38555cbfef8c000628696d0ca Signature size=9000 Authority=Developer ID Application: MY_TEAM_ID Authority=Developer ID Certification Authority Authority=Apple Root CA Timestamp=2 Apr 2025 at 16:24:52 Info.plist=not bound TeamIdentifier=MY_TEAM_ID Sealed Resources=none Internal requirements count=1 size=188

Every recent attempt to create a Installer certificate has failed, and now we've hit the maximum. We can't revoke them either — the portal only shows "Download," not "Revoke." Xcode also fails with: "Signing Certificates Error: There is a problem with the request entity. You already have a current Developer certificate or pending certificate request." This is completely blocking notarization and distribution of our macOS app. Has anyone resolved this, or does it require Apple to intervene on the backend? (This is a relatively new issue, we have successfully done this in the past hundreds of times over the years.)

Hi all, I'm a solo iOS developer trying to update an app I released in 2010. My current Team ID is Q37598Q8GE, but the app's original App ID uses an old prefix, YHX995W43P. When I try to create a new App ID with the original Bundle ID (eu.andela.woordenes) to generate a new distribution provisioning profile, I get the error:An attribute in the provided entity has invalid value An App ID with Identifier 'eu.andela.woordenes' is not available. Please enter a different string. I understand this might be due to the old prefix from pre-2011, when Apple allowed multiple prefixes per account. I still have access to the app in App Store Connect and want to push an update, not create a new app. How can I resolve this?Can I reuse the existing App ID (eu.andela.woordenes with prefix YHX995W43P) for a new provisioning profile, or do I need to match my current Team ID (Q37598Q8GE)? If the Bundle ID is already taken by my current app, how do I update the app without changing the Bundle ID? Any steps to fix the prefix mismatch in Xcode or App Store Connect?

Hello, I am trying to publish a simple app to the App Store for the first time, and I am getting these 2 errors. Please note the knowledge base URLs shown in the screenshot are not clickable. I think this should be addressed. Any guidance on how to correct these issues will be greatly appreciated. Sincerely, Anis

I was trying to put my game to test flight. I would test features like ads and in-app-purchases, then put on the Appstore(release). The game already works on Ipad. For test flight, the "automatically manage signing" option was enabled. Then I pressed the "archive" button. Built succeeded. Then I clicked the distribute button. That time, I had an error. "Upload failed, Invalid signature, App is not properly signed". I researched, and found special characters in name, team name and address can make errors. My name, address and team name have special characters(turkish). If it will be resolved, I want to re-write(fix) my name, team name and address. I already tried to change my name, team name and address from apple developer website but failed. They are asking a document of my identity of my new name but I didn't changed my name and address. Overall, there aren't any other facts that cause this issue as I know. If I send my current, unchanged identity and home address, could they allow to change(fix) them? On Console Log: DangerNo.app/DangerNo: ID : 6cfa13a9-685c-4df9-86dd-7506d67be8c5 DangerNo.app/Frameworks/UnityFramework.framework/UnityFramework: ID : 2b63aacc-9caf-453c-913f-bae0db14d363 My App ID : 6744022885 Error : Invalid Binary rejection email indicating a corrupted code signature was detected. Explanation : Invalid Signature - Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose "Clean All" in Xcode, delete the "build" directory in the Finder, and rebuild your release target.

Hi all, I'm developing a simple Finder Sync Extension, using Xcode 16.3. When running in Debug with Xcode, everything works fine. Instead, when compiling in Release and launching the containing app (by double-clicking on it), the Extension is not recognized (neither loaded) by the system. The only difference between Debug and Release stands in Signing configuration: Debug: Release: As you can see, in Release I'm using a Provisiong Profile, configured with my company's Developer ID. I'm wondering if Capabilities and Entitlements are not what is needed by my app. Anyway, I have no idea what the issue is. Any suggestion will be appreciated. Thank you in advance _Alex

I'm working on a system extension leveraging endpoint security entitlement. However, while in development, is there a way to continue working and testing locally without having the endpoint security entitlement approved or needing the extension signed. I got these errors running a build: Provisioning profile "Mac Team Provisioning Profile: "com.xxxxx.extension" doesn't include the com.apple.developer.endpoint-security.client entitlement.