15

I haven't been able to find a definition for this error in relation to codesigning. I'm really quite stumped as of what to do.

The error occurs when attempting to execute this command line:

codesign -s "Developer ID Application: Name (ID)" -fv --deep Application.app/

System:

XCode 6.2 on Yosemite 10.10.3

I've reinstalled XCode, still without any luck. This is for a desktop application.

Apologies if this is a silly question!

SRG3006
  • 447
  • 8
  • 21
  • 1
    having the same issue here today. 10.10.3 XCode 6.3 – Gubatron Apr 18 '15 at 11:30
  • Have you found a solution? I got the issue initially with 6.3, reverted to 6.2 as above and the issue is still there. – SRG3006 Apr 23 '15 at 23:08
  • have you checked if your certificate has expired? – Gubatron Apr 25 '15 at 17:06
  • 1
    here is a related discussion that might help us https://devforums.apple.com/message/1124508 – Gubatron Apr 26 '15 at 00:28
  • The loop in that discussion worked for me, except I had to first copy my .app, and in the loop if codesign failed, delete the .app and copy a fresh version into place before trying to codesign again. Seems codesign is not atomic (I assume that's a separate bug). – David Burson Jun 12 '15 at 19:14

4 Answers4

15

A solution I found on the Apple forum worked for me: first, run the following command to find your identity's hex ID:

$ security find-identity -v
1) A048017A43F8C9C993128B0101B81CD07049601E "lldb_codesign"
...

Then you can use that hex identifier to sign:

codesign -s A048017A43F8C9C993128B0101B81CD07049601E /usr/local/bin/gdb

Some other tips I came across while debugging this:

  • You have to give the full path to the binary (/usr/local/bin/gdb, not just gdb). It won't look on the PATH, I assume for security reasons.
  • You have to run the codesign as root if the directory your binary is in is not user-owned.
kris
  • 23,024
  • 10
  • 70
  • 79
  • 1
    This worked for me on a Jenkins build Mac mini without adding the timestamp option. I also needed to clear out my existing build artifacts. I had just recently updated this to MacOS Sierra and latest XCode 8.3.2. I have not tried this, but wonder if also reloading the certificate after upgrade might help. – Ben Butzer Apr 21 '17 at 19:52
6

passing --timestamp=none seems to make the crash go away. In this case, check the network settings, codesign may be unable to reach e.g. the timeserver.

TAR86
  • 145
  • 2
  • 9
Gubatron
  • 6,222
  • 5
  • 35
  • 37
  • 6
    ...except now your app's signature will break as soon as your certificate expires. (But this is actually a good lead to what the real problem is. Maybe it crashes when the timestamp server is down?) – Hakanai May 04 '15 at 02:19
  • 2
    It crashes if there is an issue with connecting to the server. For me it crashes because I'm behind a firewall that blocks all internet on my build server. – Cristi May 10 '19 at 12:20
0

I've encountered this in Xcode 8.3.2 when I inadvertently wound up with duplicates of my signing certificates. @kristina's answer gave me the clue; $ security find-identity -v showed me two entries with identical hashes. I fixed it by deleting the first certificate in the list with that hash, via:

$ sudo security delete-certificate -Z <SHA hash>

s3cur3
  • 2,749
  • 2
  • 27
  • 42
0

I had the same problem. For me the reason was that I wasn't connected to internet, so probably it was trying to connect a time server because of --timestamp, and it failed.

Restoring an internet connection solved it.

Basj
  • 41,386
  • 99
  • 383
  • 673