Certificates: Developer ID Application not found by codesign

Hello!

I am having trouble with a Developer ID Application certificate that I have clearly added to the Keychain with Keychain Access not being recognized by codesign or DMG Canvas. Here is the command that DMG Canvas uses to see if there are any certificates for signing:

$ /usr/bin/security find-identity -p codesigning
Policy: Code Signing
  Matching identities
     0 identities found

  Valid identities only
     0 valid identities found

This shows that no certificates are found but there definitely are some. I installed this cert to both the System and login keychains, I tried to the Local Items keychain but this failed with an error I will display below.

This image (names redacted) clearly shows the certs are there, valid, and not expired (behind the error) and also shows the error popup for when I try to add the cert to the Local Items keychain:

Essentially I am asking why does Keychain Access say that I have the certificates but nothing can find it in order to sign applications. Thank you!

Up vote post of Shadorain Down vote post of Shadorain
1.1k views
Posted by
Shadorain
Reply
Add a Comment

Replies

Try to select the login keychain in the side pane, and then attempt to import the certificate that you have created. In this case, you selected localttems, which is why you are unable to import it. After importing it to the login keychain, run this command to be able to see the certificates

Posted by
Bhargav_Subbarao
Up vote reply of Bhargav_Subbarao Down vote reply of Bhargav_Subbarao
Add a Comment

Hi and thank you for your reply. My picture must have been misleading. I was on Local Items in the side tab there because of testing. But this cert is active and added to the login and System keychain. I also did do what you said just in case too and it didn't do anything. But thank you!

Posted by
Shadorain
Up vote reply of Shadorain Down vote reply of Shadorain
Add a Comment

Your screen shot shows that you have a certificate but not a digital identity, that is, you’re missing the private key that corresponds to the public key in that certificate. For more on this, see Certificate Signing Requests Explained.

Also, I recommend that you have a read of The Care and Feeding of Developer ID.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment