Unable to sign application in Xcode CSSMERR_TP_NOT_TRUSTED

Question

Unable to sign application in Xcode CSSMERR_TP_NOT_TRUSTED

I downloaded and installed the WWDR certificate. I tried setting it to Always Trust and system defaults.

When I try to archive my application, I get CSSMERR_TP_NOT_TRUSTED error.

If I try to sign up manually, I get the same thing:

/ usr / bin / codesign --force --sign "Third-party application for Mac developers: XX XXX-XXX" / Users / XXX / Library / Developer / Xcode / DerivedData / XXX -fivqootinaolitdbpxccqykoaoqs / ArchiveIntermediates / XXX / InstallationBuildProductsLocation / Users / XXX /Applications/XXX.app
/Users/xxx/Library/Developer/Xcode/DerivedData/xxx-fivqootinaolitdbpxccqykoaoqs/ArchiveIntermediates/xxx/InstallationBuildProductsLocation/Users/xxx/Applications /xxx.app: replacing invalid Users xive / / xxx / Appx / ActiveXData and Library xxx -fivqootinaolitdbpxccqykoaoqs / ArchiveIntermediates / xxx / InstallationBuildProductsLocation / Users / xxx / Applications / xxx.app: CSSMERR_TP_NOT_TRUSTED

BUT

If i use

sudo / usr / bin / codesign --force --sign

Then it works ....

The key is set to access the key chain in the "entry" chain.

+4

xcode cocoa

mrwooster Jul 30 '11 at 12:42

source share

3 answers

Bobjt · Answer 1 · 2012-01-13T00:05:26+0000

Obishawn used one of the suggestions provided by Apple in the following steps published to resolve this error - How to fix CodeSign error: CSSMERR_TP_NOT_TRUSTED? For others experiencing this build error -

CSSMERR_TP_NOT_TRUSTED

The above guide covers a wider range of potential causes. The error can also occur in Xcode Archive> Share, Validate or Submit time, and the above steps to resolve it are the same.

Obishawn · Answer 2 · 2011-12-02T15:52:41+0000

OK, I finally get it. I had a WWDR certificate in my login chain and my system keychain. I uninstalled both and re-imported the new version from Apple, and now everything works. I can encode codes without using sudo, and MonoDevelop can be fully compiled for distribution and download to my devices.

jeromed · Answer 3 · 2016-12-22T16:17:34+0000

My two cents on this issue: I had to fight with him for several hours. Here is what I had to fix in order to have code that does its job:

Make sure that certificates are not duplicated between login and system key
Make sure there are no old / expired / revoked versions of certificates in any keychain
Verify that all certificates have a default trust policy of "system default" . If set to always trust, then the code will not be executed.

This last point was found on a machine that was recently ported to Xcode 8.2. This may be the new behavior of Xcode 8.

Unable to sign application in Xcode CSSMERR_TP_NOT_TRUSTED

More articles: