Xcode cannot resolve ambiguous code signing identities
Originator: | matt | ||
Number: | rdar://10866248 | Date Originated: | 14-Feb-2012 09:16 PM |
Status: | Duplicate/9359826 | Resolved: | |
Product: | Developer Tools | Product Version: | 4.2.1/4D502 |
Classification: | Other Bug | Reproducible: | Always |
Summary: Xcode's CODE_SIGN_IDENTITY build setting should match codesign's search options, supporting identity preference and hash-based lookups to resolve ambiguous matches. Currently it only searches the certificate common names and fails if multiple matches are found. Steps to Reproduce: 1. Add a code signing certificate to the default keychain named "3rd Party Mac Developer Application: CompanyX". 2. Add a second code signing certificate named "CompanyX". 3. In an Xcode target set CODE_SIGN_IDENTITY to "CompanyX". 4. Attempt to build the target, receive an "ambiguous matches" error. 5. In Keychain Access create an identity preference for the CompanyX certificate named "CompanyX Direct Code Signing". 6. Set CODE_SIGN_IDENTITY to the name of the identity preference. 7. Attempt to build the target. 8. Set CODE_SIGN_IDENTITY to the SHA-1 hash of the "CompanyX" certificate. 9. Attempt to build the target. Expected Results: The last two build attempts result in a successfully signed binary. Actual Results: Both build attempts fail at the Check Dependencies phase with "Code Sign error: The identity 'x' doesn't match any valid certificate/private key pair in the default keychain".
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!
+1
+1
+1
+1