When compiling my application I'm getting the following error:
CodeSign /Users/pupeno/Library/Developer/Xcode/DerivedData/ProjectX-cynmgyozflnwbpamwnpsnhgshuyq/Build/Products/Debug/Project\ X.app
cd /Users/pupeno/Projects/ProjectX
export CODESIGN_ALLOCATE=/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate
Signing Identity: "Mac Developer: José Fernández (G4PM7K38JH)"
/usr/bin/codesign --force --sign A21FB31766DDCBB28FBB4E4DD86E3743024A45F3 --entitlements /Users/pupeno/Library/Developer/Xcode/DerivedData/ProjectX-cynmgyozflnwbpamwnpsnhgshuyq/Build/Intermediates/ProjectX.build/Debug/App.build/Project\ X.app.xcent --requirements =designated\ =>\ anchor\ apple\ generic\ \ and\ identifier\ \"$self.identifier\"\ and\ ((cert\ leaf[field.1.2.840.113635.100.6.1.9]\ exists)\ or\ (\ certificate\ 1[field.1.2.840.113635.100.6.2.6]\ exists\ and\ certificate\ leaf[field.1.2.840.113635.100.6.1.13]\ exists\ \ and\ certificate\ leaf[subject.OU]\ =\ \"XHT4M2DATL\"\ )) /Users/pupeno/Library/Developer/Xcode/DerivedData/ProjectX-cynmgyozflnwbpamwnpsnhgshuyq/Build/Products/Debug/Project\ X.app
/Users/pupeno/Library/Developer/Xcode/DerivedData/ProjectX-cynmgyozflnwbpamwnpsnhgshuyq/Build/Products/Debug/Project X.app: code object is not signed at all
In subcomponent: /Users/pupeno/Library/Developer/Xcode/DerivedData/ProjectX-cynmgyozflnwbpamwnpsnhgshuyq/Build/Products/Debug/Project X.app/Contents/Frameworks/Paddle.framework
Command /usr/bin/codesign failed with exit code 1
I'm using two frameworks, Paddle and Sparkle and they are configured to sign on copy:
Looking for a solution to this problem I found many recommendations to do a --deep sign, which is officially discouraged by Apple (Using the codesign Tool's --deep Option Correctly).
I also found the article Code Signing and Mavericks which also explains that using --deep is wrong and offers an alternative: using a script to generate signatures for each framework. I think this is something that was needed before Xcode had the option to sign on copy, but I gave it a try anyway. It made no difference, I still get the same error. Looking at the logs, the bundles are getting signed with the "Sign on copy" option, so, adding that script caused them to get signed twice.
My code signing identity is configured as follows for the whole project and each target just inherits it:
I understand that's not the appropriate signature for Release, but for now, we are just trying to get this to build and run locally.
Any ideas what's wrong? Any ideas how to fix it? I understand that
For me I had to go to the Project build settings and set Other Code Signing Flags to --deep
. The problem was that my framework in the project was not signed.