Fixing "No Identity Found" Error While Code Signing in Mac/Apple
After the Monterey update in macOS, developers would have come across error messages like no identity found in the keychain or 0 valid identities found while trying to code sign some app. This is because code signing an app has been made mandatory since macOS Monterey. But to code sign an app, you first need a Code Signing Certificate issued by a Certificate Authority.
Create a Certificate Authority & a Code Signing Certificate
If you have created neither a Certificate Authority nor a Code Signing certificate yet, this tutorial here teaches you how to do so first.
Fixing Invalid Code Signing Identities
Now if you already have a Code Signing Certificate in the Keychain but when you try to code sign some app you get error messages like
no identity found in the keychain
or when you bring up the terminal and type the below command
security find-identity -v
you encounter messages like
0 valid identities found
The first thing to do is to download the Apple’s World Wide Developer Relations (WWDR) certificate from Apple available at http://developer.apple.com/certificationauthority/AppleWWDRCA.cer. After the download, drag and drop the downloaded certificate file to
Keychain Access (left) click on the code signing certificate that is not working. Then from the menu choose
Keychain Access >
Certificate Assistant >
In the form, check
Code Signing. Click
Next is the final part of the form. Click
Now you can check the codesigning certificate again. In the terminal, type
security find-identity -v -p codesigning
The output will be something like
1) 0FD6E4E658571C49778123E622621DD9BB069EE6 "Dennis" 1 valid identities found
Now as an example, we will try to code sign
libphp7.so (assuming PHP 7.4 is already installed), which is an essential step for PHP developers.
Get the location of the
find / -name libphp7.so
One of the paths to it is
/email@example.com/lib/httpd/modules/libphp7.so. Code sign it.
codesign -f -s 0FD6E4E658571C49778123E622621DD9BB069EE6 /firstname.lastname@example.org/lib/httpd/modules/libphp7.so
We verify the signing.
codesign -dv --verbose=4 /email@example.com/lib/httpd/modules/libphp7.so
The error messages would have gone now.