I'm building an app that uses the Screen Time API and DeviceActivityMonitoring Framework. It works when I run the simulator build on iPhone 16 but when I try to launch it on my own iPhone, I get these errors. Provisioning profile "iOS Team Provisioning Profile: Kanso- Digital-Wellness.Kanso-v2" doesn't include the com.apple.developer.device-activity.monitoring entitlement. KansoMonitorExtension 1 issue x Provisioning profile "iOS Team Provisioning Profile: Kanso-Digital-Wellness.Kanso-v2.KansoMonitorExtension" doesn't include the com.apple.developer.device-activity.monitoring en... Read something online that said a reboot would fix this, but I tried and no luck. Any ideas? I'm not very technical, so would pay someone to fix this for me :)

Hi Team, I have created multiple certificates for macOS application. Below are the certificates created- Apple Development Certificate DeveloperID Installer Certificate Apple Distribution Certificate others certificates Later, I have imported the all these above certificates in keychain-access. Now, I tried to compile the code through Xcode. I am getting error for code signing certificate. Warning: unable to build chain to self-signed root for signer "Apple Development: Amit (M2WMF2YERI)” .... Command CodeSign failed with a nonzero exit code When I checked the TeamID of User(Amit) I can see that his current TeamID is [P8ZW3W9R2Q]. There is mismatch of teamID in apple development certificate generation. Note- All certificates are generated with current TeamID[P8ZW3W9R2Q] of user (Amit) except Apple Development certificate which has been generated with TeamID [M2WMF2YERI] which is generated with old TeamID of user (Amit). I attempted to generate the apple development certificate multiple times but it is getting generated with old TeamID TeamID[M2WMF2YERI] of user(Amit)
 Summary- While creating a developer certificate using apple developer account and mapping it in keychain, the certificate is being generated with old apple account details (Inactive) instead of the current one. This is causing issues when using the certificate in keychain. If anyone has encountered this issue, how it was resolved?
 Thanks

Hi Team, I have created multiple certificates for macOS application. Below are the certificates created- Apple Development Certificate DeveloperID Installer Certificate Apple Distribution Certificate others certificates Later, I have imported the all these above certificates in keychain-access. Now, I tried to compile the code through Xcode. I am getting error for code signing certificate. Warning: unable to build chain to self-signed root for signer "Apple Development: Amit (M2WMF2YERI)” .... Command CodeSign failed with a nonzero exit code When I checked the TeamID of User(Amit) I can see that his current TeamID is [P8ZW3W9R2Q]. There is mismatch of teamID in apple development certificate generation. Note- All certificates are generated with current TeamID[P8ZW3W9R2Q] of user (Amit) except Apple Development certificate which has been generated with TeamID [M2WMF2YERI] which is generated with old TeamID of user (Amit). I attempted to generate the apple development certificate multiple times but it is getting generated with old TeamID TeamID[M2WMF2YERI] of user(Amit)
 Summary- While creating a developer certificate using apple developer account and mapping it in keychain, the certificate is being generated with old apple account details (Inactive) instead of the current one. This is causing issues when using the certificate in keychain. If anyone has encountered this issue, how it was resolved?

Hello, After deploying our app, we encountered an issue where the app fails to launch properly on certain devices. To rule out potential code issues, we created a new clean project and tested it with the basic setup (certificate, bundle ID, and team). The app installs and runs fine on most devices, but it fails to open immediately on specific models. (The affected model is listed below.) Version: iOS 18.3.1 Model: iPhone 14 Pro After reviewing the console logs, we found an issue related to the app launching process. Could this issue be related to the app's configuration or the provisioning profile? We would appreciate any insight into why this issue occurs only on certain devices. Thank you for your help!

I am managing provisioning profiles manually, including the one for my Notification Service Extension. I am wondering what happens if the provisioning profile for the Notification Service Extension expires. I have two types of apps: An App Store-distributed app An Enterprise-distributed app Can someone clarify how the expiration of the Notification Service Extension's provisioning profile affects both cases? Will the extension stop functioning, or will it continue to work normally?

I have a pass type id that expired. I created a CSR in keychain access on my Mac. I uploaded the CSR and generated a new cert. I downloaded the new cert and imported into keychain access. I don't see the associated private key and I cannot export a .p12 certificate. It's possible I started with the wrong key to generate the CSR or maybe I inadvertently deleted key while trying to locate the cert after importing. I'm not sure how to determine which. I do still have the private key from the cert that expired. But, I cannot figure out how to sign a cert again, my only option now is download. I've been searching the forum and while there may be an answer, I may just be looking for the wrong thing. I could use some help if anybody would be so kind.

My Developer ID certificate will expire in few days, so I downloaded and installed new certificate in login keychain. However my key is still linked to my old certificate. I have my .p12 but even if I delete the old certificate from login keychain and reinstall the .12 file, my old certificate reappears in the login keychain. I tried to select the new certificate in the login keychain and choose Files > Export Items (in Keychain Access) but in the Save dialog under File Format the "Personal Information Exchange (.p12)" option is grayed out. How can I generate a key/.p12 file that will be linked to my new certificate?

Hi, I recently created and installed new code signing certificates/keys on my main Mac. How to easily copy these certificates/keys to my another Mac with the same Apple ID? Earlier Quinn suggested: "The easiest way to do this is use Xcode’s import/export feature. Launch Xcode, choose Xcode > Settings, select Accounts, select the account in question, then choose Export Apple ID and Code Signing Assets from the action (…) menu." And it worked fine in 2020-2021. However import/export options are no longer available in XCode 16 anymore. Please suggest a simple solution.

Hi, I got the error: /usr/bin/codesign exited with code 1: Warning: unable to build chain to self-signed root for signer "Apple Distribution: Q.A.C.F. - Quality Academy Consultoria E Formacao, Unipessoal, Lda (xxxxxx)" /Users/pedroramalho/Library/Caches/Xamarin/mtbs/builds/drBoxSaude.iOS/3bed3d51415af2e100a4d2bc57e1d36fb42d76ceb190de1db1c4d0dbccbff863/bin/iPhone/Release/drBoxSaude.iOS.app: errSecInternalComponent and /usr/bin/codesign exited with code 1: /Users/pedroramalho/Library/Caches/Xamarin/mtbs/builds/drBoxSaude.iOS/3bed3d51415af2e100a4d2bc57e1d36fb42d76ceb190de1db1c4d0dbccbff863/bin/iPhone/Release/drBoxSaude.iOS.app/Frameworks/libSkiaSharp.framework: replacing existing signature Warning: unable to build chain to self-signed root for signer "Apple Distribution: Q.A.C.F. - Quality Academy Consultoria E Formacao, Unipessoal, Lda (xxxxx)" /Users/pedroramalho/Library/Caches/Xamarin/mtbs/builds/drBoxSaude.iOS/3bed3d51415af2e100a4d2bc57e1d36fb42d76ceb190de1db1c4d0dbccbff863/bin/iPhone/Release/drBoxSaude.iOS.app/Frameworks/libSkiaSharp.framework: errSecInternalComponent Some one can help please

Hi, I have some doubts about certificates expiration given this "new" requirement around signing for some common third party SDKs: https://developer.apple.com/support/third-party-SDK-requirements/ Use case: I build an SDK that will be distributed as an XCFramework and will be used in AppStore apps from different people. My SDK internally uses some other third party libraries that are integrated as binaries Let's assume some of those third party libraries are from the list above and therefore seem to be required to be signed. I distribute my SDK with all in order (third party SDKs from that list with valid signatures) People using my SDK over the time provide an update to their apps on the AppStore but by then some of the third party libraries of my SDK has an expired certificate. What would happen? People using my SDK won't have any issues as far as my SDK has a valid signature (despite third party libraries from the list have expired signatures) People using my SDK will get a warning about it but still will be able to submit to the AppStore. In that case, would AppStore Review process decline the update? People using my SDK will get an error, not being able to submit to the AppStore and will require me an update version of the SDK with those third party libraries re-signed. My understanding is that all would work as far as my SDK has a valid signature (after all is the one taking responsibility of the code inside), independently of what happens with the signature of those libraries themselves, am I correct?.

Hello everyone, I'm currently experiencing repeated "Invalid Binary" rejections when submitting my Flutter-based iOS app ("Master Tere") through App Store Connect. I've followed all the expected steps and guidelines, but the rejection contains no additional explanation beyond the "Invalid Binary" status. Here’s my current setup: Built using Flutter and Xcode 15.3 WebView-based app loading a professional portfolio site Runner target is signed automatically using Xcode Managed Profiles Certificates: Apple Development and Apple Distribution (auto-managed) Bundle ID: com.actuain.mastertere1 Version: 1.0.0, Build: 6 Deployment target: iOS 18.0 Device family: iPhone only All signing identities and provisioning profiles match for Debug and Release In my Info.plist, I’ve cleaned up legacy keys that might cause conflicts: ✅ Removed <key>UIMainStoryboardFile</key> (no storyboard is used) ✅ Removed <key>CFBundleSignature</key> as it was set to ???? ✅ Display name and Bundle ID align with Xcode project settings Despite all this, every time I upload through Xcode Organizer, I get an "Invalid Binary" error after processing. No issues are shown during archive validation. I suspect the issue may be related to: Flutter WebView integration with latest iOS SDKs Residual metadata in the archive from unused iOS storyboard references Possibly missing entitlements or capabilities not flagged by Xcode Questions: Are there any known issues affecting Flutter WebView apps recently (especially around Xcode 15.3 or iOS 18 SDK)? Is it mandatory to remove Main.storyboard from the project bundle even if it's not used? Could this issue be related to background modes, UIRequiredDeviceCapabilities, or entitlements even if not directly flagged? I’d appreciate any insights or experiences from others who’ve faced this issue recently. Thanks in advance! Luis Antonio Pinto Acosta

I am trying to build a release for an application that installs a DriverKit driver. I created a Developer ID Application Profile with a valid certificate but I'm coming across this error in Xcode 16.3 that is preventing me from archiving: Xcode 14 and later requires a DriverKit development profile enabled for iOS and macOS. Visit the developer website to create or download a DriverKit profile. I thought I needed a Dev ID Application profile to distribute the application and that a Development profile is for testing. Is there something I'm missing?

Hello, we are currently encountering a similar issue. We need to inject our capabilities into a third-party app by re-signing it (not a full re-signing process—just requiring the provisioning profile and certificate to match). However, this seems to affect the functionality of universal links. We've found that this issue only occurs on iOS 18. We noticed that when re-signing the app, the entitlements related to associated domains are changed to a wildcard: [Key] com.apple.developer.associated-domains [Value] [Array] [String] * However, this doesn’t cause any issues on iOS 17. Through further testing, we discovered that in order for universal links to work properly, we need to restore the original value of com.apple.developer.associated-domains and use a provisioning profile that matches the app's bundle ID. This means our previous re-signing approach using a certificate and provisioning profile from another bundle will no longer work. We’d like to ask: is this a new restriction introduced in iOS 18? If we manually restore the original com.apple.developer.associated-domains entitlement and use a provisioning profile that matches the app’s bundle ID, will universal links function correctly going forward?

we have organization account I'm the admin of team. and i have additional resources: Additional Resources Access to Reports Access to Certificates, Identifiers & Profiles. Access to Cloud Managed Distribution Certificate Create Apps Generate Individual API Keys Issues: i can't find my team certificate in Xcode I don't have access to https://developer.apple.com/account/resources/

I’m having issues trying to codesign a .app file. We generated the Developer ID Application certificate using the organization owner’s account. I downloaded the certificate to my Mac and imported it into my keychain, but when I run the codesign command below, I get the following error. Could you help me? What am I doing wrong? Is there any other way to sign the .app executable? From what I’ve seen in other posts, it looks like the certificate needs to have a private key, but the certificate I download from the developer portal doesn’t include the key. Also, about exporting it as a .p12 — I couldn’t quite understand if that’s considered a safe practice, since the organization owner’s private key would be included in this certificate that we plan to use in our pipeline.

*** Error: ERROR: [ContentDelivery.Uploader] Validation failed (409) Invalid Provisioning Profile. The provisioning profile included in the com.baiyun-shuniu.scss bundle [Payload/HBuilder.app] is invalid. [Missing code-signing certificate]. A distribution provisioning profile should be used when uploading apps to App Store Connect. (ID: e21c7a63-520f-49c5-8298-9afa3aa14dd5) 2025-05-13 09:23:20.382 INFO: [ContentDelivery.Uploader]

Hi the best community! When I try to submit the app to Testflight I receive the following error: "codesign command failed (/var/folders/j9/yh_rkh114rbgvmglf4gycj8w0000gn/T/XcodeDistPipeline.~~~OW0Dwk/Root/Payload/Application.app/Frameworks/Alamofire.framework: replacing existing signature /var/folders/j9/yh_rkh114rbgvmglf4gycj8w0000gn/T/XcodeDistPipeline.~~~OW0Dwk/Root/Payload/Application.app/Frameworks/Alamofire.framework: invalid or corrupted code requirement(s) Requirement syntax error(s): line 1:155: unexpected token: NPH )" I have never stuck with this issue before. Xcode Version 16.0 I assume that there is something related to code signing and our company name in App Store connect: Medical Institution “NPH” (The company name has been anonymized for privacy purposes.) Appreciate any help. Thank you!

I have a macOS application that was previously distributed under my personal Apple Developer account using a Developer ID certificate. We’ve recently transitioned distribution to our company’s Apple Developer account. The app’s bundle identifier has been successfully transferred, and I’ve signed a new build of the app using the company’s Developer ID certificate. The app installs and runs correctly under the new signature. However, I’ve encountered a problem: the app is no longer able to access previously granted permissions (e.g., Screen Recording, System Audio Recording, and Input Monitoring). Furthermore, it cannot re-prompt for these permissions because they appear as already granted in System Settings. From what I understand, this issue is due to the change in the code signing identity. Specifically, the designated requirements used by macOS to identify an app have changed, so the system no longer associates the new version of the app with the previously granted permissions (as outlined in Apple's Technical Note TN3127). The only workaround I’ve found so far is to manually reset the app's permissions using Terminal commands (e.g., tccutil reset), but this is not something we can reasonably ask end users to do. Question: Is there a recommended or supported approach to either preserve permissions when changing Developer ID identities, or programmatically trigger a permissions reset for existing users? We're looking for a seamless solution that doesn't degrade user experience.

In the past it was relatively easy to download from the developer portal both the app signing and installer signing certs so that I could sign AppleScripts from Script Editor when exporting them and when building packages in Jamf Composer. I went to set that up today and it seems things have changed in the last few years since I've had to set this up. I've been unable to sort this out and would love some help. I'm looking for a tutorial on doing this that walks someone step-by-step through the process for obtaining the certs (yes, I have dev account) and setting them up in keychain and then making use of them. Thanks!

I am distributing a macOS application outside the App Store using Developer ID and need to provide provisioning profiles to customers for installation during the package installation process. I have two questions: How can I package and provide the provisioning profile(s) so that the customer can install them easily during the application installation process? Are there any best practices or tools that could simplify this step? In my case, there are multiple provisioning profiles. Should I instruct the customer to install each profile one by one, or is there a way to combine them and have them installed all at once? Any insights, resources, or recommendations would be greatly appreciated.