@@ -129,6 +129,7 @@ jobs:
129129 name : Install the Apple certificate and provisioning profile
130130 env :
131131 BUILD_CERTIFICATE_BASE64 : ${{ secrets.MAC_SIGNING_BUILD_CERTIFICATE_BASE64 }}
132+ BUILD_CERTIFICATE_COMMON_NAME : ${{ secrets.MAC_SIGNING_BUILD_CERTIFICATE_COMMON_NAME }}
132133 P12_PASSWORD : ${{ secrets.MAC_SIGNING_P12_PASSWORD }}
133134 BUILD_PROVISION_PROFILE_BASE64 : ${{ secrets.MAC_SIGNING_EMBEDDED_PROVISIONPROFILE_BASE64 }}
134135 INTERMEDIATE_CERTIFICATE_BASE64 : ${{ secrets.MAC_SIGNING_APPLE_INTERMEDIATE_CERTIFICATE_BASE64 }}
@@ -157,7 +158,7 @@ jobs:
157158 echo "import certificate to keychain"
158159 # security add-trusted-cert -d -r unspecified -k "$KEYCHAIN_PATH" "$INTERMEDIATE_PEM_PATH"
159160 security import "$CERTIFICATE_PATH" -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k "$KEYCHAIN_PATH"
160- security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
161+ security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" -D "${BUILD_CERTIFICATE_COMMON_NAME}" $KEYCHAIN_PATH
161162 security list-keychain -d user -s $KEYCHAIN_PATH
162163
163164 # apply provisioning profile
@@ -216,6 +217,7 @@ jobs:
216217 name : Install the Apple certificate and provisioning profile
217218 env :
218219 BUILD_CERTIFICATE_BASE64 : ${{ secrets.MAC_SIGNING_BUILD_CERTIFICATE_BASE64 }}
220+ BUILD_CERTIFICATE_COMMON_NAME : ${{ secrets.MAC_SIGNING_BUILD_CERTIFICATE_COMMON_NAME }}
219221 P12_PASSWORD : ${{ secrets.MAC_SIGNING_P12_PASSWORD }}
220222 BUILD_PROVISION_PROFILE_BASE64 : ${{ secrets.MAC_SIGNING_EMBEDDED_PROVISIONPROFILE_BASE64 }}
221223 INTERMEDIATE_CERTIFICATE_BASE64 : ${{ secrets.MAC_SIGNING_APPLE_INTERMEDIATE_CERTIFICATE_BASE64 }}
@@ -237,15 +239,19 @@ jobs:
237239
238240 echo "create temporary keychain"
239241 security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
240- security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
241- security default-keychain -s $KEYCHAIN_PATH
242+
243+ security list-keychains -d user -s "$KEYCHAIN_PATH" $(security list-keychains -d user | sed s/\"//g)
244+
242245 security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
246+ security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
247+ #security default-keychain -s $KEYCHAIN_PATH
243248
244249 echo "import certificate to keychain"
245250 # security add-trusted-cert -d -r unspecified -k "$KEYCHAIN_PATH" "$INTERMEDIATE_PEM_PATH"
246- security import "$CERTIFICATE_PATH" -k "$KEYCHAIN_PATH" -P "$P12_PASSWORD" -T /usr/bin/codesign
247- security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
248- security list-keychains -d user -s $(security list-keychains -d user | sed -e s/\"//g) "$KEYCHAIN_PATH"
251+ security import "$CERTIFICATE_PATH" -k "$KEYCHAIN_PATH" -P "$P12_PASSWORD" -A -T /usr/bin/codesign -T "/usr/bin/productsign"
252+ # security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
253+
254+ security set-key-partition-list -S apple-tool:,apple:, -s -k $KEYCHAIN_PASSWORD -D "${BUILD_CERTIFICATE_COMMON_NAME}" -t private $KEYCHAIN_PATH
249255
250256 # apply provisioning profile
251257 echo "PP_PATH=\"$PP_PATH\"" >> $GITHUB_OUTPUT
0 commit comments