Menu
I've noticed something somewhat strange when I ran the Xcode build of my app and then launch the app store build. If I run the xcode build (using development certificates), then run my app through the app store (using production certificates) I get prompted with the following dialog box
MyApp want to use your confidential information stored in "com.myApp in the keychain.
I also get this dialog when I run the app store build first, then the Xcode development build. I believe this dialog appears because both builds have different certificates (could be wrong).
My biggest concern is the user updates the app, will the user see this dialog?
Not sure if this is important, but this is how I save data to the keychain.
[[A0SimpleKeychain keychain] setString:string forKey:@"key"];
281
Your keychain may be locked automatically if your computer has been inactive for a period of time or your user password and keychain password are out of sync.
On your Mac, did you use Keychain Access to reset your iCloud Keychain? If so, macOS deleted your iCloud Keychain items. Try to set up iCloud Keychain again. If you need to reset your Mac Keychain again, temporarily disable iCloud Keychain in iCloud Preferences before you reset your macOS Keychain.
Open System Preferences, click the icon for Apple ID, and click the checkbox for Keychain. Then when you browse to a password-protected website, iCloud Keychain will ask if you want to save the password. Click Save Password and it'll be securely stored in your Keychain.
Keychain not syncing? Make sure that your new device has the latest version of iOS and the latest version of macOS. Then, make sure that your device is on a Wi-Fi or cellular network.
Apple's code signing guide has the answers.
I believe this dialog appears because both builds have different certificates
Correct. See Understanding the Code Signature:
The most important internal requirement is the designated requirement, or DR. This rule tells an evaluating system how to identify a particular piece of code. Any two pieces of code that have (and successfully verify against) the same DR are considered to be the same code.
...
Some parts of macOS do not care about the identity of the signer. They care only whether the app is validly signed and stable. Stability is determined through the DR, and does not depend on the nature of the certificate authority used. The keychain system and parental controls are examples of such usage.
From Code Signing Tasks:
Shipping and Updating Your Product
The user’s system considers the new version of your product to be the same program as the previous version. For example, Keychain Services does not distinguish older and newer versions of your program as long as both are signed and the unique Identifier remains constant.
Signing your code with a different certificate makes the system consider it a different app. As long as you sign your releases with the same certificate between versions, you will be fine.
197
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
