Post not yet marked as solved
Hi, I am running into a strange issue where my universal links work fine on devices when using USB, simulators and TestFlight, it works with no problem on all test environments
But once I submit it for App Review, they don't work. And I have no way to replicate it. At some point they get it working somehow but every resubmission the process repeats where I go back and forth for days until they finally get it working.
Anyone run into this strange issue or has a clue what might be going on?
Post not yet marked as solved
Hello,
I am building a React Native application and it has both the Facebook SDK and OneSignal SDK included. When I try to distribute the app, there are multiple "Asset validation failed" errors.
Signing is set to "Automatically manage signing", there are no build errors.
I have searched around the internet and forums, tried some possible solutions, but ran into the same issue.
This is what I added to the Podfile:
post_install do |installer|
installer.pods_project.targets.each do |target|
if target.respond_to?(:product_type) and target.product_type == "com.apple.product-type.bundle"
target.build_configurations.each do |config|
config.build_settings["CODE_SIGN_IDENTITY[sdk=macosx*]"] = "-"
end
end
end
end
But it didn't work, so I removed this block.
Do you have any ideas how to resolve this issue?
Post not yet marked as solved
Hey all,
I am facing a weird issue when exporting my multi platform project. The project does not make use of the multi platform targets of Xcode yet. For each "module" in the app there exists two targets, one for iOS and one for watchOS. Each of these targets link agains a binary framework that is imported via SPM.
Building works fine but as soon as I want to archive the project at the last step it complains that the Signature for the third party binary framework already exists. Which I think is a valid error message, but it seems to be a bug that the archive process either:
Does not override it, which would be reasonable
Or it should distinguish between the platforms
Or should just not create two signature and just have one signature file created
The error message I see
“ThirdParty.xcframework.signature” couldn’t be copied to “Signatures” because an item with the same name already exists.
Domain: NSCocoaErrorDomain Code: 516
Failure Reason: A file with the name “ThirdParty.xcframework.signature” already exists. Recovery Suggestion: To save the file, either provide a different name, or move aside or delete the existing file, and try again.
-- The operation couldn’t be completed. File exists Domain: NSPOSIXErrorDomain Code: 17 Failure Reason: File exists
-- System Information
macOS Version 13.4.1 (Build 22F82)
Xcode 15.0 (22221.2) (Build 15A5195k)
Timestamp: 2023-07-08T12:43:57+02:00
A simplified project setup is like the following.
┌──────────────────────────────────────────────┐
│ SPM Package │
│ │
│ ┌────────────────────────┐ │
│ │ ThirdParty.xcframework │ │
│ └────────────────────────┘ │
│ │ │
└──────────────────────┼───────────────────────┘
┌────────────┴───────────┐
┌─────────┼────────────────────────┼───────────┐
│ │ CoreFramework │ │
│ ▼ ▼ │
│ ┌───────────────┐ ┌────────────────┐ │
│ │ iOS Target │ │ watchOS Target │ │
│ └───────────────┘ └────────────────┘ │
│ │ │ │
└─────────┼────────────────────────┼───────────┘
│ │
│ │
│ │
│ ▼
│ Embedded in ┌───────────────┐
│ (not ┌───│ watchOS App │
│ standalone) └───────────────┘
│ │
│ │
│ │
│ │
▼ │
┌─────────────────┐ │
│ iOS App │◀──┘
└─────────────────┘
I have the feeling it's rather a beta bug, but I wanted to ensure that's the case and its not me doing something wrong.
Does anyone know if this setup is correct or if there is something I oversee here ?
Any help is highly appreciated !
Feedback is also filed under: FB12373687
Post not yet marked as solved
Hello,
I have a flutter project where my team is pushing changes for an ios app. We have tested locally with no issue and unit tested it. About a week ago we received the following error when we distribute the app.
App Store Connect access for “******” is required. Add an account in the Accounts preference pane. Please try again, and if issue persists file a bug report at "https://feedbackassistant.apple.com."
Our signing has not changed, nor has our permissions in the app. I have reached out to support several times and they literally said they aren't tech savvy and I should go here. With links too the code signing docs even though already had it booked marked.
I get it, app markets are a pain on any platform. Do I have to resign again cause apple updated something? I am definitely not a fan of apple's code signing process. I would rather just automate this if there is a better solution. We tried CodeMagic but keep running into issues with that as well.
Post not yet marked as solved
I'm trying to copy a DriverKit project's dext output after building it, but it's not getting signed in the DerivedData until after the copy to my location. I've tried to select the "Code Sign On Copy" option in the Copy Files steps, but the checkbox is just not there (there's some kind of text box there instead that doesn't take any text?). It works for every other Copy Files selection; it only doesn't work for drivers.
I've also tried adding the CodeSignOnCopy attribute to the .dext product in the xcode project's Copy Files step manually without using the Xcode UI, but that doesn't do anything either.
Is there a way to set this attribute or otherwise mimic its functionality?
Post not yet marked as solved
Dear iOS Developers,
I have a question about In-House distribution for iOS 17, currently I am using Xcode 14.x for distribute my application (for iOS 16.x and below). In the future, Apple will release the new iOS version that is iOS 17. So, my question is
1./ "Do I need to build and distribute the mobile application with Xcode 15 for supporting iOS 17?
2./ or iOS 17 can run In-house mobile application fine with building and distribution with Xcode 14.x?"
Anybody have knowledge about it?
Thanks,
Lam
Post not yet marked as solved
Hello!
I am having trouble with a Developer ID Application certificate that I have clearly added to the Keychain with Keychain Access not being recognized by codesign or DMG Canvas. Here is the command that DMG Canvas uses to see if there are any certificates for signing:
$ /usr/bin/security find-identity -p codesigning
Policy: Code Signing
Matching identities
0 identities found
Valid identities only
0 valid identities found
This shows that no certificates are found but there definitely are some.
I installed this cert to both the System and login keychains, I tried to the Local Items keychain but this failed with an error I will display below.
This image (names redacted) clearly shows the certs are there, valid, and not expired (behind the error) and also shows the error popup for when I try to add the cert to the Local Items keychain:
Essentially I am asking why does Keychain Access say that I have the certificates but nothing can find it in order to sign applications. Thank you!
Post not yet marked as solved
Good day.
We are moving our CI to Github Actions and we have met a problem whereby even though we have 1/1 codesigning identities that are valid, trying to sign MyTrue as per guides posted in the forum still results in this error.
SSH is fine.
Would appreciate to have some light shed on this. Thanks in advance!
Hi,
I have a dynamic library libmowglicore.dylib, which works fine in non sandboxed enviroment(command line cpp project). libmowglicore.dylib is signed, it shows valid on disk.
When i add it to network extension project, network extension getting crash on launch.
0 dyld 0x102c8e81c dyld3::MachOFile::compatibleSlice(Diagnostics&, void const*, unsigned long, char const*, dyld3::Platform, bool, dyld3::GradedArchs const&) + 76
1 dyld 0x102c72b9c invocation function for block in dyld4::JustInTimeLoader::makeJustInTimeLoaderDisk(Diagnostics&, dyld4::RuntimeState&, char const*, dyld4::Loader::LoadOptions const&, bool, unsigned int) + 96
2 dyld 0x102c72b9c invocation function for block in dyld4::JustInTimeLoader::makeJustInTimeLoaderDisk(Diagnostics&, dyld4::RuntimeState&, char const*, dyld4::Loader::LoadOptions const&, bool, unsigned int) + 96
3 dyld 0x102c77fcc dyld4::SyscallDelegate::withReadOnlyMappedFile(Diagnostics&, char const*, bool, void (void const*, unsigned long, bool, dyld4::FileID const&, char const*) block_pointer) const + 132
4 dyld 0x102c72b08 dyld4::JustInTimeLoader::makeJustInTimeLoaderDisk(Diagnostics&, dyld4::RuntimeState&, char const*, dyld4::Loader::LoadOptions const&, bool, unsigned int) + 204
Crash Dumps
How to debug it?
Post not yet marked as solved
Hello Apple team,
We're having a problem submitting one of our apps to TestFlight via Xcode Cloud. We have over 10 apps with the same codebase and all of them build successfully. However, one application fails to build in Xcode Cloud, although there is no problem with manual build. We would appreciate your help in resolving this situation. Can you please help us resolve this issue? We are ready to provide additional information or logs to clarify the causes of the error.
Sincerely,
Anton Babich
Xcode Cloud
Archive - iOS encountered a failure that caused the build to fail.
Prepare Build for App Store Connect
Invalid Signature. Code failed to satisfy specified code requirement(s). The file at path “moBiel Live.app/Frameworks/grpcpp.framework/grpcpp” is not properly signed. Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose “Clean All” in Xcode, delete the “build” directory in the Finder, and rebuild your release target. For more information, please consult https://developer.apple.com/support/code-signing.
Prepare Build for App Store Connect
Invalid Signature. Code failed to satisfy specified code requirement(s). The file at path “moBiel Live.app/Frameworks/Braintree.framework/Braintree” is not properly signed. Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose “Clean All” in Xcode, delete the “build” directory in the Finder, and rebuild your release target. For more information, please consult https://developer.apple.com/support/code-signing.
I'm building an app for deployment on iPhone, iPad and Mac Catalyst. I am using Automatic Code Signing. Project build without a single warning of any kind...
Debugging and running the app on both iPhone and iPad is working fine both in the simulators as well as on various test devices.
I have now turned to debugging on my Mac (M1Pro-MBP). I have run Clean many times....When I set the run destination to My Mac Catalyst and run I immediately see a dialog stating:
"The LaunchServices launcher has returned an error. Please check the system logs for the underlying cause of the error."
There is button to reveal details. Those details are shown below.
At the moment I am under the impression that this must be a relatively straightforward configuration issue which I have overlooked....
The app does contain an action and if I build and run only the action with Mac Catalyst as the destination it runs fine..
I only hit the error when I try to run the container app with embedded action with my Mac as the run destination....
Can anyone shed any light on this matter?
All thoughts appreciated!
Steve
Domain: IDELaunchErrorDomain
Code: 20
Recovery Suggestion: The LaunchServices launcher has returned an error. Please check the system logs for the underlying cause of the error.
User Info: {
DVTErrorCreationDateKey = "2023-07-19 14:36:14 +0000";
DVTRadarComponentKey = 968756;
IDERunOperationFailingWorker = IDELaunchServicesLauncher;
}
--
The operation couldn’t be completed. Launch failed.
Domain: RBSRequestErrorDomain
Code: 5
Failure Reason: Launch failed.
--
Launchd job spawn failed
Domain: NSPOSIXErrorDomain
Code: 153
--
Analytics Event: com.apple.dt.IDERunOperationWorkerFinished : {
"device_model" = "MacBookPro18,3";
"device_osBuild" = "13.4.1 (22F82)";
"device_platform" = "com.apple.platform.macosx";
"launchSession_schemeCommand" = Run;
"launchSession_state" = 1;
"launchSession_targetArch" = arm64;
"operation_duration_ms" = 172;
"operation_errorCode" = 20;
"operation_errorDomain" = IDELaunchErrorDomain;
"operation_errorWorker" = IDELaunchServicesLauncher;
"operation_name" = IDERunOperationWorkerGroup;
"param_consoleMode" = 0;
"param_debugger_attachToExtensions" = 0;
"param_debugger_attachToXPC" = 1;
"param_debugger_type" = 3;
"param_destination_isProxy" = 0;
"param_destination_platform" = "com.apple.platform.macosx";
"param_diag_MainThreadChecker_stopOnIssue" = 0;
"param_diag_MallocStackLogging_enableDuringAttach" = 0;
"param_diag_MallocStackLogging_enableForXPC" = 1;
"param_diag_allowLocationSimulation" = 1;
"param_diag_checker_tpc_enable" = 1;
"param_diag_gpu_frameCapture_enable" = 0;
"param_diag_gpu_shaderValidation_enable" = 0;
"param_diag_gpu_validation_enable" = 0;
"param_diag_memoryGraphOnResourceException" = 0;
"param_diag_queueDebugging_enable" = 1;
"param_diag_runtimeProfile_generate" = 0;
"param_diag_sanitizer_asan_enable" = 0;
"param_diag_sanitizer_tsan_enable" = 0;
"param_diag_sanitizer_tsan_stopOnIssue" = 0;
"param_diag_sanitizer_ubsan_stopOnIssue" = 0;
"param_diag_showNonLocalizedStrings" = 0;
"param_diag_viewDebugging_enabled" = 1;
"param_diag_viewDebugging_insertDylibOnLaunch" = 1;
"param_install_style" = 0;
"param_launcher_UID" = 2;
"param_launcher_allowDeviceSensorReplayData" = 0;
"param_launcher_kind" = 0;
"param_launcher_style" = 99;
"param_launcher_substyle" = 8192;
"param_runnable_appExtensionHostRunMode" = 0;
"param_runnable_productType" = "com.apple.product-type.application";
"param_testing_launchedForTesting" = 0;
"param_testing_suppressSimulatorApp" = 0;
"param_testing_usingCLI" = 0;
"sdk_canonicalName" = "macosx13.3";
"sdk_osVersion" = "13.3";
"sdk_variant" = iosmac;
}
--
System Information
macOS Version 13.4.1 (c) (Build 22F770820d)
Xcode 14.3.1 (21815) (Build 14E300c)
Timestamp: 2023-07-19T08:36:14-06:00
Post not yet marked as solved
While trying to create a new Distribution (iOS) certificate after the old one expired I came across the situation that we do not have the root certificate that was originally created. It was created on a mac of an employee that no longer works for us and which is not cooperative anymore. Is there any way around this, or to create a new root certificate that enables us to create trusted certificates to release updates for our app?
I'm new to this whole certificate workflow so I'd be very thankful for any input that lets us progress.
Best Regards,
Hans
Post not yet marked as solved
I am new to macOS programming. I am trying to run an example from Apple that installs a "NullDriver" and then accesses it from a client CPP app (example available on line, driver kit, "com.example.apple-samplecode.dext-to-user-client)
I seem to be able to install the the DEXT correctly; I can see the system extension and the IOUserService. When I run the CPP client access program auto signed by Xcode, the app crashes with "CODESIGNING 1 Taskgated Invalid Signature". If I sign the app with "Sign to Run Locally", the app runs but is unable to connect to the IOUserService.
This is being run on Sonoma Beta 5 with a newly paid membership.
I am willing to attach whatever files are required but I wonder whether others have had the same code signing problem. My apology if I did not read a post with the answer I hope to find.
Gene
Post not yet marked as solved
I have a EC2 mac instance with a fastlane script, that builds and sign a ios application. Its working fine in the instance, but when i run the same script through a jenkins script, I’m getting the following error
error: Target release_unpack_ios failed: Exception: Failed to codesign /Users/ec2-user/Library/Developer/Xcode/DerivedData/Runner-bgxywyggdiwupudhpkonmwvznobh/Build/Intermediates.noindex/ArchiveIntermediates/Runner/BuildProductsPath/Release-iphoneos/Flutter.framework/Flutter with identity XXXXXXXX
I have tried to unlock the keychain as mentioned in this post,
security -v unlock-keychain -p "{$PASSWORD}" "/Users/ec2-user/Library/Keychains/login.keychain-db"
I have also tried the key-partition approach to fix the issue as mentioned here
security set-key-partition-list -v -S apple-tool:,apple: -s -k [Login Keychain Password] [Login Keychain Path]
I have tried everything, I'm out of ideas and any help would be highly appreciated.
Post not yet marked as solved
Asset validation failed (90283)
Invalid Provisioning Profile. The provisioning profile included in the bundle com.abc.mac [com.abc.mac.pkg/Payload/abc.app] is invalid. [Missing code-signing certificate.] For more information, visit the macOS Developer Portal. (ID: xxxxxxxx-e193-4623-8dbe-xxxxxxxxxxxx)
I get the above error while uploading .pkg which is electron web app bundled through electron-bundler file through transporter for testFlight.
Post not yet marked as solved
Hi,
I would like to describe an issue I've encountered in my current development setup.
I'm working on an iOS mobile app using Xcode 14.2 on my personal Mac associated with the Apple ID: @#$%.com. The app is intended for distribution through a different Apple ID: +_)(.com, and it's connected to the team "Billy Bob."
Here are some key details about my setup:
Bundle Identifier: com.#######.#### (matching the app ID)
Certificate: Apple Development: Billy Bob (qwertyuiop)
Capabilities: In-App Purchases, Keychain Sharing, Sign-in with Apple
Entitlements: Includes application-identifier, keychain-access-groups, get-task-allow, com.apple.developer.team-identifier
Signing Certificate: Apple Development: Billy Bob (qwertyuiop)
Until recently, I was able to successfully Archive and distribute the app through TestFlight. However, when I attempted to Archive the app recently, a pop-up appeared with the following message:
"codesign wants to access key 'Apple Development: Billy Bob (Billy Bob)' in your keychain To allow this, enter the 'login' keychain password. 'Always Allow' 'Deny' 'Allow'"
I have tried my Mac password, the Apple ID password for@#$%.com, and the Apple ID password for +_)(.com. Unfortunately, none of these passwords seem to work.
Upon inspecting Keychain Access, I observed that under 'My Certificates,' I have the 'Apple Development: Billy Bob (qwertyuiop)' certificate. To address this issue, I modified the 'Access Control' settings to 'Allow all applications to access this item.' Consequently, I now have two instances of the 'Apple Development: Billy Bob (qwertyuiop)' certificate – one with unrestricted access and the other with 'Confirm before allowing access.'
Under the 'Certificates' section, I see the following entries:
Apple Development: Billy Bob (qwertyuiop) (similar to the entry under 'My Certificates')
Apple Development: Billy Bob (qwertyuiop) (similar to the entry under 'My Certificates')
Apple Worldwide Developer Relations Certification Authority
Developer ID Certification Authority
Developer ID Certification Authority
I’m stuck and hope someone has some advice on how to move forward.
Thanks,
Hey everyone,
I've ported an app based on Python from Windows to macOS. I can run the app from command line and I was also able to make an .app file an start it on my mac using auto-py-to-exe. Now I want to codesign (and later notarize) it. To do so I set the codesign_identity option of auto-py-to-exe to my Developer ID Application and rerun it. After 2 days it was still running (and I guess collecting information on submodules of the used Python modules). Without the codesigning it takes about 5-10 minutes to build. Any ideas how I could accelerate this or what i happening here? Unfortunately, I am not able to copy the output of auto-py-to-exe while it is still running.
thanks :).
Post not yet marked as solved
I made a simple Python based app for macOS using this code (empty lines removed):
import tkinter as tk
window = tk.Tk()
label = tk.Label(text="\n I am a macOS app \n")
label.pack()
window.mainloop()
Next I made it an .app using PyInstaller with this command (identity and paths shortened):
pyinstaller --noconfirm --onedir --windowed --osx-bundle-identifier "org.tk_test.tk_test" --codesign-identity "<my_identity>" path/to/tk-test.py
It worked like a charm and I was also able to notarize and staple the app for distribution.
...
4748 INFO: Signing the BUNDLE...
24899 INFO: Building BUNDLE BUNDLE-00.toc completed successfully.
I wanted to repeat the process to do some more testing and now without any reason I cannot sign the .app anymore (identity and paths shortened). Of course, I cleared the folder before trying:
...
5263 INFO: Signing the BUNDLE...
23050 WARNING: Error while signing the bundle: codesign command (['codesign', '-s', '<my_identity>', '--force', '--all-architectures', '--timestamp', '--options=runtime', '--deep', '/abs/path/to/dist/tk-test.app']) failed with error code 1!
output: /abs/path/to/dist/tk-test.app: replacing existing signature
/abs/path/to/dist/tk-test.app: A timestamp was expected but was not found.
In subcomponent: /abs/path/to/dist/tk-test.app/Contents/MacOS/lib-dynload/math.cpython-311-darwin.so
23050 WARNING: You will need to sign the bundle manually!
23050 INFO: Building BUNDLE BUNDLE-00.toc completed successfully.
I tried to create it in a fresh and differently named directory and I also made a complete fresh conda env. I don't see any reason, why this should not work anymore. Does anybody have an idea?
Post not yet marked as solved
We will soon be transferring our MacOS Electron app to a newly-created company. The app uses electron-builder and electron-updater (which in turn uses Squirrel.Mac). We distribute the app ourselves. (That is, it is not distributed in the App Store.)
If the new company signs the app with their certificate, I assume that updating from the version signed with the old company's certificate won't work. For Windows, it seems that I can provide both the old and new company names when building the app and then a subsequent update will work if the code is signed with either company's certificate. I haven't been able to find a similar process that will work on Mac.
I found this article, which doesn't offer much help: https://developer.apple.com/forums/thread/669350
But would a valid solution be to transfer the old company's developer account (or at least the Team ID/App ID Prefix) to the new company? Is that possible? And if so, and the Team ID/App ID Prefix remains the same, would the app be able to update even though the Bundle ID changes?
Thanks.
I'm developing a sandboxed application with Xcode which allows the user to open and work with Audio Unit plugins. Working with a beta-tester having a lot of AUs on its laptop running on macOS 12.5.1, we encountered some weird crashes while opening some plugins (Krotos, Flux Audio, Sound Toys, etc.). The message we got was in French, I try to translate it but the original English version could be a little bit different:
Impossible to open “NSCreateObjectFileImageFromMemory-p47UEwps” because the developper can not be verified.
After this first warning, a Fatal Error 100001 message opens and the plugin seems crashed (but not the host).
I easily found some music application users encountering similar issues on the web. From what I read, this error is related to new security rules introduced in macOS 12. And, effectively, some of these plugins tested on an older system work normally. I also read that some (insecure) entitlements of the Hardened Runtime should be able to fix this issue, especially Allow Unsigned Executable Memory Entitlement, whose the doc says:
In rare cases, an app might need to override or patch C code, use the long-deprecated NSCreateObjectFileImageFromMemory (which is fundamentally insecure), or use the DVDPlayback framework. Add the Allow Unsigned Executable Memory Entitlement to enable these use cases. Otherwise, the app might crash or behave in unexpected ways.
Unfortunately, checking this option didn't fix the issue. So, what I tried next was to add Disable Executable Memory Protection (no more success), and finally Allow DYLD Environment Variables and Allow Execution of JIT-compiled Code: none of them solved my problem.
I really don't see what else to do, while I'm sure that a solution exists because the same plugins work perfectly on other application (Logic, Live Ableton). Any help would be greatly appreciated. Thanks !
