No identity found: Command CodeSign failed with a nonzero exit code

Question

Created 3w

Replies 1

Boosts 1

Participants 2

Hello! I'm new to xcode and am developing an iOS app. I hit the following error when build my app: MY_SHA no identity found Command CodeSign failed with a nonzero exit code

I have generated my certificate through xcode. I can see the Certificate and the private key in Keychain -> login. But it's not that private key is under the Certificate. They are listed in parallel. The certificate appears in Certificate tab but not in My Certificate Tab. Would that matter?

security find-certificate -a -Z | grep -A1 "Apple Development" Gives me the certificate.

But security find-identity -v -p codesigning give 0 valid identity found.

Could you help me figure out what could be the reason for this? I've been stuck for several days now. Thank you so much! Screenshot 2026-03-09 at 9.52.37 PM.png

Boost

Answer 1

pzmi OP

3h

Hi! I'm also new to iOS development and I have exactly the same issue.

macOS 26.4 (25E246) Xcode Version 26.4 (17E192)

What I've tried:

Generated Apple Development certificate through Xcode → Settings → Accounts → Manage Certificates multiple times. Certificate and private key appear in Keychain Access but never paired (cert not expandable in "My Certificates", which remains empty).
Generated CSR manually via Keychain Access Certificate Assistant, uploaded to aninterestingwebsite.com, downloaded .cer, imported — same result, no pairing.
Generated key and CSR entirely via openssl CLI, uploaded CSR to developer portal, downloaded cert, created .p12 with -legacy flag (standard openssl 3.x p12 fails with "MAC verification failed" on import). Imported p12 — certificate and public key import but private key silently dropped. Class 0x0000000F (private key) never appears in security dump-keychain, only 0x00000010 (public key) and 0x80001000 (certificate).
security import of the PEM private key reports "The specified item already exists in the keychain" — yet security find-identity still returns 0 identities.
Verified cert and key hashes match (hpky values identical), trust chain is valid (security verify-cert succeeds), WWDR intermediate certificates (G3 through G6) all installed.
SecPKCS12Import via Swift succeeds (returns status 0), SecIdentityCopyPrivateKey succeeds, but SecItemAdd of the identity returns -25299 (duplicate). Yet SecItemCopyMatching for kSecClassIdentity returns -25300 (not found).
Direct codesign test fails: codesign -s "Apple Development: ..." /tmp/testfile → "no identity found"
Created a completely new macOS user account, and tried Xcode automatic route, again without success.
Set login keychain as default, unlocked it, removed extra keychains from search list — no effect.
Revoked and regenerated certificates multiple times on aninterestingwebsite.com.

The core issue: macOS Tahoe appears to silently refuse to store private keys in a way that creates a valid SecIdentityRef. The private key exists somewhere (Keychain Access UI shows it, security import says it already exists) but security find-identity, SecItemCopyMatching, and /usr/bin/codesign all cannot find any identity.

0