-
-
Notifications
You must be signed in to change notification settings - Fork 311
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
setup_local.sh fails without -legacy in generate_selfsigned_certificate.sh #3170
Comments
Hi, I was not able to reproduce the issue. I'm on macOS v14.1.1. $ openssl version
LibreSSL 3.3.6
$ scripts/codesign/setup_local.sh
+ certificateFile=codesign
++ openssl rand -base64 12
+ certificatePassword=iJ0RNAf4eKtpS9gC
+ scripts/codesign/generate_selfsigned_certificate.sh codesign iJ0RNAf4eKtpS9gC
+ certificateFile=codesign
+ certificatePassword=iJ0RNAf4eKtpS9gC
+ cat
+ openssl genrsa -out codesign.key 2048
Generating RSA private key, 2048 bit long modulus
..........................................................................................................................................................................................................................+++++
...............................................................................+++++
e is 65537 (0x10001)
+ openssl req -x509 -new -config codesign.conf -nodes -key codesign.key -extensions extensions -sha256 -out codesign.crt
+ openssl pkcs12 -export -inkey codesign.key -in codesign.crt -out codesign.p12 -passout pass:iJ0RNAf4eKtpS9gC
+ scripts/codesign/import_certificate_into_main_keychain.sh codesign iJ0RNAf4eKtpS9gC
+ certificateFile=codesign
+ certificatePassword=iJ0RNAf4eKtpS9gC
+ security import codesign.p12 -P iJ0RNAf4eKtpS9gC -T /usr/bin/codesign
1 identity imported.
+ security add-trusted-cert -d -r trustRoot -p codeSign codesign.crt I'm wondering if perhaps you have installed a custom version of openssl, or some other dependency used by the Thank you |
There may very well be something else at play as you suggested, since this is happening on a pre-configured work machine. I just checked:
I'm unsure how to check the version of |
I had this problem too. this problem depends on the version of openssl. |
Describe the bug
When running
scripts/codesign/setup_local.sh
I get this errorMAC verification failed during PKCS12 import (wrong password?)
. Adding-legacy
to the finalopenssl
command ingenerate_selfsigned_certificate.sh
fixes this error. I'm not sure which OS versions need this flag, as I assume older versions worked just fine without it, but it's possible new Mac versions going forward may need this.Screenshots / video
![image](https://private-user-images.githubusercontent.com/122312713/303939300-c3dd93ad-d729-48be-8e7a-406f5b72600f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTg2MDA5OTgsIm5iZiI6MTcxODYwMDY5OCwicGF0aCI6Ii8xMjIzMTI3MTMvMzAzOTM5MzAwLWMzZGQ5M2FkLWQ3MjktNDhiZS04ZTdhLTQwNmY1YjcyNjAwZi5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjE3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYxN1QwNTA0NThaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT04MTM1ODg3NDlhYjA2N2Q4YmQ5MjUyODMxZmZiMGQ2YmIwZmI5YmMyN2E1MWI0N2FiOTIwODI4ZDFkODQ4NTJjJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.YOA9ZKkvitPX0iJ8fWtkD9YKPBv1_JuQpdM3RO-lHYk)
![image](https://private-user-images.githubusercontent.com/122312713/303939466-f75bf2d9-13de-47a8-82cb-b5e23255a3c1.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTg2MDA5OTgsIm5iZiI6MTcxODYwMDY5OCwicGF0aCI6Ii8xMjIzMTI3MTMvMzAzOTM5NDY2LWY3NWJmMmQ5LTEzZGUtNDdhOC04MmNiLWI1ZTIzMjU1YTNjMS5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjE3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYxN1QwNTA0NThaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT1mNDc0N2RjNTAxMDFjYzE0NTgyNzFhZDVlNzM1NzY2YjY0YzE2NDMwNDc3MDA3YTYxNDFhYzc4NTVkYjA4NDc5JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.oKkTVNQwSAAanlXpMrM2t7NzqufWs5b6Zap-Lo2eVm0)
![image](https://private-user-images.githubusercontent.com/122312713/303939480-fbfa080e-8404-4f1e-9f4d-bdc43c0980ac.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTg2MDA5OTgsIm5iZiI6MTcxODYwMDY5OCwicGF0aCI6Ii8xMjIzMTI3MTMvMzAzOTM5NDgwLWZiZmEwODBlLTg0MDQtNGYxZS05ZjRkLWJkYzQzYzA5ODBhYy5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjE3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYxN1QwNTA0NThaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT03MzA2OWQ4MWIzMGQ4ZDM1ODI5NmMwNzZmMWNlNTlmYTMwZTQyODk1NmMzNzhhZWYzNzEwY2NmY2M2MjA2MDU3JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.yO7iiTP6QBsCchzTDtL5YY56j_VvpFbQPiVowrRtC-A)
Steps to reproduce the bug
scripts/codesign/setup_local.sh
on Sonoma 14.2.1Your environment
This is a work MacBook Pro with custom configuration, may not happen on a personal machine
The text was updated successfully, but these errors were encountered: