Xojo Signing Developer ID

I haven’t released a MacOS application since Xojo added the signing feature. I have read the documentation and many forum threads. I still don’t know what Developer ID is required.
MacOS Catalina; Xojo 2022r2
Here is the error message when I build.

Error signing application: M…X: ambiguous (matches “iPhone Distribution: Gold Creek Enterprises Ltd. (M…X)” and “Developer ID Application: Gold Creek Enterprises Ltd. (M…X)” in /Users/tombaumgartner1/Library/Keychains/login.keychain-db)

You could use this command from Terminal and get your codesign identities then from there you choose the one that comes directly after apple development or apple distribution and paste it in xojo

Code should be like this security find-identity -v -p codesigning

then you should get something like this

2) 8B0EBBAE7E7230BB6AF5D69CA09B769663BC844D "Mac Developer: Developer Name (DUCNFCN445)"

and you need to copy the

Developer Name (DUCNFCN445)

That should be valid for the 2022R2 i guess and previous where Signing was introduced.

In the latest once you should be able to load the id from the list and sign but apparently not always works.

Aurelian,

Thank you. The result was 12 valid identities. None of them say “Mac Developer: Developer Name(…”

So apparently I have to get some certificate from Apple that I don’t have now.

Well, Developer ID Application should be the one you’re looking for. Once past this, notarization (introduced in Mojave) is the next step.

I don’t mean to be a shill for AppWrapper, but—-well, I DO mean to be a shill for AppWrapper :slight_smile:

1 Like
  1. Get an Apple developer account if you don’t already have one.

  2. From that you get your Developer certificate(s). Install these to your keychain.

  3. You’ll also need an app-specific password I think these days you can get transferred from your developer account to your apple-id account to get this password.

  4. And yes, use AppWrapper. It makes code-signing and then notarisation quite easy.

1 Like

If you struggle installing certificate for code signing, you can use XCode to have an interface to see what is installed on your mac and install new one if you want.

Just open XCode, go in MenuBar to XCode → Settings then go on Accounts panel and you will be able to add an account and get the correct certificates

It is as simple as double clicking on the certificate downloaded from developer.apple.com. It will be installed to Keychain.

I have had several screenshare sessions with folks who struggled setting up code signing on Mac. By far, the most common problem was that they were doing things through the website.

It is orders of magnitude easier to use Xcode to download and install your certificates.

4 Likes

I did a blog post last fall about how Apple code signing works that you should review as well as it talks about the interdependencies of the different parts:

1 Like

Thanks for all of the input for all the regular contributors. But I didn’t get my question answered.
I should have explained that I have been writing apps with Xojo for over 20 years. I have released apps on the Mac App Store and iOS apps on the App Store. I love Sam’s App Wrapper and would use it if this app was going to the MAS. But this app is for (very) limited distribution so I thought I would just sign it with the Xojo signing feature. When I got the first build error I thought that the problem was I was using the company Developer ID Application or that Apple had changed the content of the Developer ID Application. So I generated a new Developer ID Application. The common name didn’t change. Now I have tried my personal Mac Developer Certificate just in case that was what was required. Same type of error.
The error message is complaining that there are both iOS and Mac certificates (ambiguous?) I want to delete the iOS certificate from Keychain Access to test the theory but the warning message is scary.