I’m trying to code sign a macOs application through CMake with a certificate.
I followed the approach mentioned in the book of @craig.scott, using -DCMAKE_XCODE_ATTRIBUTE_DEVELOPMENT_TEAM and -DCMAKE_XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY variables, but it didn’t work.
<project-name>.xcodeproj: error: No certificate for team '<the-id>' matching '<name>' found: Select a
different signing certificate for CODE_SIGN_IDENTITY, a team that matches your selected certificate, or
switch to automatic provisioning. (in target 'starship_platform_desktop' from project '<project-name>')
I’m @tonygo 's colleague. We are testing this with certificates generated from my personal Apple Developer account. The title of the certificate looks like this: “Developer ID Application: Juan Cruz Viotti (97Z2ARC25P)”
From what we understand, CMAKE_XCODE_ATTRIBUTE_DEVELOPMENT_TEAM should be 97Z2ARC25P and CMAKE_XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY should be Juan Cruz Viotti.
Is that correct, or are we misinterpreting the variables?
Unless you have multiple different identities on your machine for the same team ID, I’d normally recommend setting CMAKE_XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY to Apple Development. Xcode should then select the appropriate identity matching your specified team ID.
It’s been a while since I’ve revisited these things in my book, and I haven’t been working on any Apple projects lately. It’s possible things have changed recently, but so far I haven’t heard anything to suggest the advice in the book isn’t still applicable. The name on that certificate doesn’t seem like what I’d expect. My signing certificates for development are named “Apple Development: Craig Scott (<team-ID>)”. Are you perhaps trying to use the wrong certificate?
Thanks! We’ll give this a shot. As far as I understand, the “Apple Development” ones are for App Store / Mac App Store distribution, where as the “Developer ID Application” ones are for distribution outside of the store (which we are aiming for).
I seem to vaguely recall having difficulties trying to use the application certificate for the first signing long ago. I think the workflow that eventually worked for me was to sign with the usual Apple Developer certificate when building the code. Then, produce the archive using xcodebuild -archve ..., and lastly export that archive for distribution using xcodebuild -exportArchive .... The exporting step requires you to specify the method of distribution, and you select that in your export options plist file (using the -exportOptionsPlist command line argument). Check if one of those distribution methods matches what you want to use. The exporting step will select the appropriate certificate to re-sign your app based on the distribution method you specify.