Hi everyone, I applied for CarPlay Entitlements on [Date 4. 26, 2025] using. (*CarPlay Entitlements Case-ID : 13045151) I haven't received any updates or responses regarding my application yet. It's been 7 days since the application. My service requires CarPlay integration with a Black Box device. The primary purpose of this integration is to allow users to configure device settings through CarPlay. Furthermore, we plan to utilize the "Communication" category of Entitlements to notify users of parking incidents detected by the Black Box device while parked. This functionality is crucial for alerting drivers to potential issues affecting their vehicles. Could anyone share their experience with the typical turnaround time for CarPlay Entitlements, especially for applications involving device integration and the "Communication" category? Is this delay normal? Is there any way to check the application status or contact the appropriate team to inquire about its progress? Thank you for any insights or advice you can provide! Sincerely,

I've added my Vendor ID to the appropriate entitlement files but my binary fails validation when trying to upload it to the store for distribution. The embeded.mobileprovision file in the generated archive shows an asterisk instead of my approved Vendor ID. How can I make sure the embedded provisioning file has my Vendor ID?

I’m building an Electron app for macOS that I plan to distribute to users in a .dmg outside the Mac App Store. I have a Developer ID Application certificate (from Apple’s Developer Portal) and a private key, and I can see “Developer ID Certification Authority” in my System Roots keychain. • My Developer ID Application certificate is in the login keychain, and it shows up under “My Certificates” with its private key. • On Keychain, certificate shows red message "not trusted", but when I evaluate and check it specifically for codesigning it shows a green checkmark and success • Developer ID Certification Authority is in System Roots. • security find-identity -p codesigning – shows my certificate, but shows 0 valid identities • Updated operating system and deleted and recreated a new certificate, still get the same issue

I have read the posted solution threads and am still stuck with solving this issue. I have created a python app that works perfect on my machine and I would like to distribute externally via .zip file. I have created a certificate and downloaded it (G2 Sub-CA (Xcode 11.4.1 or later)) Next i have installed the Çert into the login keychain along with the Matching G2 Intermediate Cert (in system) and the proper Root Cert. However I am still not getting a proper chain when evaluating the developer certificate and I am at a loss at this point. I would love to pay someone to simply walk me through it if anyone has some time to solve this problem with me so I can run the notarytool and then distribute my application. Thanks!

This is .entitlements file: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.developer.endpoint-security.client</key> <true/> </dict> </plist> Code signing: codesign --sign -vvv --timestamp --options=runtime --force --entitlements ./UES.entitlements -s "Developer ID Application: XXXX Ltd. (XXXXXX)" ./UES.app When I run it on macOS 13.x, it works fine. If I run the system on macOS 11.x, it reports a "killed" error (if codesign remove --entitlements ./UES.entitlements, Then the startup will not report an error, but the endpoint security rights cannot be used) System log: 2025-04-21 13:58:27.039638+0800 0xd5941 Default 0x0 149 0 amfid: /Applications/UES.app/Contents/MacOS/UES signature not valid: -67050 2025-04-21 13:58:27.039762+0800 0xd5bbf Default 0x0 0 0 kernel: mac_vnode_check_signature: /Applications/UES.app/Contents/MacOS/UES: code signature validation failed fatally: When validating /Applications/UES.app/Contents/MacOS/UES: 2025-04-21 13:58:27.039815+0800 0xd5bbf Default 0x0 0 0 kernel: proc 29354: load code signature error 4 for file "UES" 2025-04-21 13:58:27.040720+0800 0xd5bc0 Default 0x0 0 0 kernel: (AppleSystemPolicy) ASP: Security policy would not allow process: 29354, /Applications/UES.app/Contents/MacOS/UES 2025-04-21 13:58:27.045974+0800 0xd58be Error 0x0 66405 0 CoreServicesUIAgent: [com.apple.launchservices:uiagent] handle LS launch error: {\n Action = oapp;\n AppMimimumSystemVersion = "10.13";\n AppPath = "/Applications/UES.app";\n ErrorCode = "-10826";\n} 2025-04-21 13:58:39.121619+0800 0xd5941 Default 0x0 149 0 amfid: /Applications/UES.app/Contents/MacOS/UES signature not valid: -67050 2025-04-21 13:58:39.121832+0800 0xd5e0f Default 0x0 0 0 kernel: mac_vnode_check_signature: /Applications/UES.app/Contents/MacOS/UES: code signature validation failed fatally: When validating /Applications/UES.app/Contents/MacOS/UES: 2025-04-21 13:58:39.121861+0800 0xd5e0f Default 0x0 0 0 kernel: proc 29415: load code signature error 4 for file "UES" 2025-04-21 13:58:39.122571+0800 0xd5e10 Default 0x0 0 0 kernel: (AppleSystemPolicy) ASP: Security policy would not allow process: 29415, /Applications/UES.app/Contents/MacOS/UES 2025-04-21 13:58:46.297915+0800 0xd5941 Default 0x0 149 0 amfid: /Applications/UES.app/Contents/MacOS/UES signature not valid: -67050 2025-04-21 13:58:46.298031+0800 0xd5f85 Default 0x0 0 0 kernel: mac_vnode_check_signature: /Applications/UES.app/Contents/MacOS/UES: code signature validation failed fatally: When validating /Applications/UES.app/Contents/MacOS/UES: 2025-04-21 13:58:46.298072+0800 0xd5f85 Default 0x0 0 0 kernel: proc 29485: load code signature error 4 for file "UES" 2025-04-21 13:58:46.300248+0800 0xd5f86 Default 0x0 0 0 kernel: (AppleSystemPolicy) ASP: Security policy would not allow process: 29485, /Applications/UES.app/Contents/MacOS/UES May I ask what the reason is?

Hi, I'm getting error 65 upon stapling and I am suspecting that non-default trust settings may be the reason as outlined here: Unfortunately whatever I do, I can't seem to reset the trust settings to their default values (removing the blue/white "+"), I'm not being asked for credentials upon closing the certificate window. I have also tried to unlock the System Roots key chain, to no avail. Also, when running security dump-trust-settings -d I get Number of trust settings : 0 for all certificates. Any ideas as to what I may be doing wrong? Is there any other setting that may be involved? Thanks!

I was trying to put my game to test flight. I would test features like ads and in-app-purchases, then put on the Appstore(release). The game already works on Ipad. For test flight, the "automatically manage signing" option was enabled. Then I pressed the "archive" button. Built succeeded. Then I clicked the distribute button. That time, I had an error. "Upload failed, Invalid signature, App is not properly signed". I researched, and found special characters in name, team name and address can make errors. My name, address and team name have special characters(turkish). If it will be resolved, I want to re-write(fix) my name, team name and address. I already tried to change my name, team name and address from apple developer website but failed. They are asking a document of my identity of my new name but I didn't changed my name and address. Overall, there aren't any other facts that cause this issue as I know. If I send my current, unchanged identity and home address, could they allow to change(fix) them? On Console Log: DangerNo.app/DangerNo: ID : 6cfa13a9-685c-4df9-86dd-7506d67be8c5 DangerNo.app/Frameworks/UnityFramework.framework/UnityFramework: ID : 2b63aacc-9caf-453c-913f-bae0db14d363 My App ID : 6744022885 Error : Invalid Binary rejection email indicating a corrupted code signature was detected. Explanation : Invalid Signature - Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose "Clean All" in Xcode, delete the "build" directory in the Finder, and rebuild your release target.

Hi, I have a project that integrates the Firebase SDK via SPM as a dependency of an internal Swift Package: My app ⟶ My Library ⟶ Firebase SDK The project builds successfully and can be archived locally ✅. The uploaded .ipa is valid and gets published 🚀. However, we are now trying to automate the release process using Xcode Cloud, but the iOS Archive action is failing ❌ on Xcode Cloud. The logs show the following error ⬇️: error: exportArchive codesign command failed (/Volumes/workspace/tmp/XcodeDistPipeline/XcodeDistPipeline.~~~oomCvM/Root/Payload/base-ios.app/Frameworks/FirebaseAnalytics.framework: replacing existing signature /Volumes/workspace/tmp/XcodeDistPipeline/XcodeDistPipeline.~~~oomCvM/Root/Payload/base-ios.app/Frameworks/FirebaseAnalytics.framework: invalid or corrupted code requirement(s) Requirement syntax error(s): line 1:178: unexpected token: <COMPANY_NAME> ) ** EXPORT FAILED ** I have been researching this issue for a while and have tried several solutions to fix it, but with no luck. Even though the error points to a specific library—the Firebase SDK—I don’t believe Firebase is the root cause. There were related issues in the past, but those were already fixed by the Firebase team, and as I mentioned, the project archives correctly when built locally. On the other hand, the error states: line 1:178: unexpected token: <COMPANY_ACRONYM> This makes me wonder if there’s an issue parsing our Team Name during the re-signing process, as it contains special characters ": "name": "Apple Distribution: Company Full Name "COMPANY_ACRONYM""

This is .entitlements file: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.developer.endpoint-security.client</key> <true/> </dict> </plist> Code signing: codesign --sign -vvv --timestamp --options=runtime --force --entitlements ./UES.entitlements -s "Developer ID Application: XXXX Ltd. (XXXXXX)" ./UES.app When I run it on macOS 13.x, it works fine. If I run the system on macOS 11.x, it reports a "killed" error (if codesign remove --entitlements ./UES.entitlements, Then the startup will not report an error, but the endpoint security rights cannot be used) System log: 2025-04-21 13:58:27.039638+0800 0xd5941 Default 0x0 149 0 amfid: /Applications/UES.app/Contents/MacOS/UES signature not valid: -67050 2025-04-21 13:58:27.039762+0800 0xd5bbf Default 0x0 0 0 kernel: mac_vnode_check_signature: /Applications/UES.app/Contents/MacOS/UES: code signature validation failed fatally: When validating /Applications/UES.app/Contents/MacOS/UES: 2025-04-21 13:58:27.039815+0800 0xd5bbf Default 0x0 0 0 kernel: proc 29354: load code signature error 4 for file "UES" 2025-04-21 13:58:27.040720+0800 0xd5bc0 Default 0x0 0 0 kernel: (AppleSystemPolicy) ASP: Security policy would not allow process: 29354, /Applications/UES.app/Contents/MacOS/UES 2025-04-21 13:58:27.045974+0800 0xd58be Error 0x0 66405 0 CoreServicesUIAgent: [com.apple.launchservices:uiagent] handle LS launch error: {\n Action = oapp;\n AppMimimumSystemVersion = "10.13";\n AppPath = "/Applications/UES.app";\n ErrorCode = "-10826";\n} 2025-04-21 13:58:39.121619+0800 0xd5941 Default 0x0 149 0 amfid: /Applications/UES.app/Contents/MacOS/UES signature not valid: -67050 2025-04-21 13:58:39.121832+0800 0xd5e0f Default 0x0 0 0 kernel: mac_vnode_check_signature: /Applications/UES.app/Contents/MacOS/UES: code signature validation failed fatally: When validating /Applications/UES.app/Contents/MacOS/UES: 2025-04-21 13:58:39.121861+0800 0xd5e0f Default 0x0 0 0 kernel: proc 29415: load code signature error 4 for file "UES" 2025-04-21 13:58:39.122571+0800 0xd5e10 Default 0x0 0 0 kernel: (AppleSystemPolicy) ASP: Security policy would not allow process: 29415, /Applications/UES.app/Contents/MacOS/UES 2025-04-21 13:58:46.297915+0800 0xd5941 Default 0x0 149 0 amfid: /Applications/UES.app/Contents/MacOS/UES signature not valid: -67050 2025-04-21 13:58:46.298031+0800 0xd5f85 Default 0x0 0 0 kernel: mac_vnode_check_signature: /Applications/UES.app/Contents/MacOS/UES: code signature validation failed fatally: When validating /Applications/UES.app/Contents/MacOS/UES: 2025-04-21 13:58:46.298072+0800 0xd5f85 Default 0x0 0 0 kernel: proc 29485: load code signature error 4 for file "UES" 2025-04-21 13:58:46.300248+0800 0xd5f86 Default 0x0 0 0 kernel: (AppleSystemPolicy) ASP: Security policy would not allow process: 29485, /Applications/UES.app/Contents/MacOS/UES May I ask what the reason is?

Hi, I've code-signed my app and notarized it, and created a DMG, and when I slacked it or airdropped it to someone for testing the FIRST time they open it, they get a warning that it was Slacked or airdropped to them and do they want to open it. if they say yes everything is fine. So looking through here someone said I need to sign the app and then make a dmg and sign the dmg and then send that for notorization and then staple that. So I did, and I still get a warning the first tie someone try's to run it. What am I doing wrong? I know I can buy software and not get a warning from apple. so how do I get my app to work correctly like that?

My Developer ID certificate will expire in few days, so I downloaded and installed new certificate in login keychain. However my key is still linked to my old certificate. I have my .p12 but even if I delete the old certificate from login keychain and reinstall the .12 file, my old certificate reappears in the login keychain. I tried to select the new certificate in the login keychain and choose Files > Export Items (in Keychain Access) but in the Save dialog under File Format the "Personal Information Exchange (.p12)" option is grayed out. How can I generate a key/.p12 file that will be linked to my new certificate?

I use the 'notarytool' to notarize applications and .pkg installers for Developer ID distribution. When using the notary tool with a fresh Apple Developer account, the notarization process remains stuck in the 'In progress' state. However, if I try the same app with an older developer account (one that has notarized at least one app in the past), the notarization works. All agreements are accepted in developer portal and Appstore Connect.

Hello, I have this simulator made in Unity that I want to distribute as Standalone. It consists of launcher which, when users download it, downloads the game. I've built the launcher, got Developer ID Application certificate, added entitlements from: https://docs.unity3d.com/Manual/macoscodesigning.html#signing-identity I've signed the .app of the launcher and 2 dlls chatgpt recommended to sign, zipped it, notarized .zip successfully, stapled to .app and put it on Google Drive to test. I got my other MacBook Pro, downloaded the zip, tried to open it. It did open, but there is a black loading screen saying "0% progress, 0B/0B" indicating that it isn't downloading anything - no network calling. When checked using command xattr -l path/to/file.app I get the following output: com.apple.macl: @?????I???|???? com.apple.quarantine: 0083;67bf1a22;Safari;69764595-CA94-44D2-B679-A69DC4669382 There are some specifics I think are also important to mention. I tried to code-sign it, notarize it and staple it using only Terminal and I'd like to keep it that way because I am very unfamiliar with Mac so I've avoided using Xcode as much as possible I really want to avoid putting the simulator up on the App Store, so I must have Standalone solution and Standalone solution only I believe that there might be problem with needing right entitlements, but I don't know how to check which one's are needed for users to avoid using "xattr" command in terminal to allow the launcher to run because of GateKeeper I've been banging my head against the wall with this problem for over a month and I don't see the light at the end of the tunnel.

Hi, Out app is approved on app store, however we want to distribute outside apps tore as well. But notarization always fails with error: Team is not yet configured for notarization. Please contact Developer Programs Support at developer.apple.com under the topic Development and Technical / Other Development or Technical Questions.", "statusCode": 7000, Any help to address this issue is highly appreciated.

Hello, I already have got approval from Apple for com.apple.developer.family-controls entitlement When I am building my app, there is one part where I need to check the list of applications which I have blocked with my app. To get the list I have to have com.apple.developer.managed-settings entitlement ... Now how and where show I get hold of it ? I already got permission for Family Control, how do I get hold of this now ?

I’ve been wrestling with this for nearly a week now and none of the proposed fixes have worked. I’m trying to resign an app via Jenkins and have done the following: Created a custom keychain Imported the required .p12 certificates Installed the Apple WWDR certificate in the System keychain Made the login keychain my default Added my development keychain, the login keychain and the System keychain to the user keychain list Unlocked my development keychain Confirmed my signing identity is present Granted the appropriate partition list access to the keychain "security set-key-partition-list -S apple-tool:,codesign: -k pwd /Users/ec2-user/Library/Keychains/development.keychain-db" Yet when I invoke Fastlane’s resign action, I still see: _floatsignTemp/Payload/EverMerge.app/Frameworks/AppLovinSDK.framework: replacing existing signature _floatsignTemp/Payload/EverMerge.app/Frameworks/AppLovinSDK.framework: errSecInternalComponent Encountered an error, aborting! Any guidance on what might be causing this errSecInternalComponent failure or how to get the resign step to succeed would be highly appreciated.

We are facing issue with resigning the app which is developed by 3rd party. In this app we have Sharing functionality feature for which we have enabled Associated Domains capability. When we are signing the app with our certificate and profile this functionality is not working i.e when we are clicking on shared link in the app it is redirecting to app store page instead of content link. However, when 3rd party is directly using our certificate & profile then that functionality is working as expected. Could you please help us with the above issue why it is not working when we are resigning with our certificate and profile?

I have local LLM application, the backend is in python and frontend is in electron.js , all complied in a .pkg file or .dmg file I have created the valid certifcates for notarization But it fails everytime, I have attached the logs steps I followed Created a certificate all steps related to getting it setup, ran productsign command on pkg file ran codesign for dmg xcruntool submit command If anyone has any idea on how proceed codesigningdmg (2).txt code-singingpkg.txt

I developed a macOS application and have already signed the pkg package. However, when I submitted it for notarization using the following command: xcrun notarytool submit --signed.pkg --apple-id "**@gmail.com" --team-id "2*******M" --password "this is password" --wait I received a "Rejected" status. The log provided the following details: "logFormatVersion": 1, "jobId": "f5f3751d-b449-4a2f-b905-32d38ab5963b", "status": "Rejected", "statusSummary": "Team is not yet configured for notarization. Please contact Developer Programs Support at developer.apple.com under the topic Development and Technical / Other Development or Technical Questions.", "statusCode": 7000, "archiveFilename": "*********.pkg", "uploadDate": "2025-03-20T03:16:43.651Z", "sha256": "3ca39700c531a66571721424a6c00668748011174b4ae20bbbec5c2d3a8a41f9", "ticketContents": null, "issues": null``` Can you help me, thank you.

I am running into this error with productbuild in github actions where the program hangs with a specific developer id. I have verified that my certification files are properly uploaded etc. and i am able to run this without the --sign command online and with --sign offline. if i sign with a "3rd party mac developer installer: ***" it will run but then crash on stapling because this isn't the actual org i want to staple and don't really need to verify that i could staple with this other license since it is my personal license and i will be leaving this job soon so setting up all my other certs is a waste of time since it doesn't solve the problem. When i use my bosses/org "Developer ID Installer: ***" productbuild just hangs. I am at a loss here... the acutal command running is productbuild --resources ./resources --distribution distribution.xml --sign "${{ secrets.DEVELOPER_ID_INSTALLER }}" --timestamp "${{ env.ARTIFACT_NAME }}.pkg" I have confirmed that my distribution file is fine etc. because I can productbuild without signing fine. Any suggestions on where to go?