Xcode codesign failed with exit code 1; expired certificates causing ambiguous matches

If you work with Xcode code signing long enough you’ll run into an error like this:

/usr/bin/codesign failed with exit code 1

If you view the build results (Build->Build Results), and expand the error message (there is a little paragraph button on the right-hand side of the line) you may see something like this:

iPhone Developer: Firstname Lastname (hashcode): ambiguous (matches "iPhone Developer: Firstname Lastname (hashcode)" in /Library/Keychains/System.keychain and "iPhone Developer: Firstname Lastname (hashcode)" in /Users/username/Library/Keychains/login.keychain)
Command /usr/bin/codesign failed with exit code 1

You have two certificates, with the same unique identifiers. One is in your login keychain and the other is in your system keychain. The real problem is, you probably have an expired certificate conflicting with your active certificate.

See my video explaining how to fix Xcode codesign failed with exit code 1; expired certificates causing ambiguous matches. You can also follow along with the screenshots below.

You wouldn’t know it when viewing the Keychain Access app. When you view your login certificates it will probably look like everything is fine. Open Applications->Utilities->Keychain Access. Then select the login keychain and Certificates category. Everything will probably look fine.

Keychain login certificates

And when you view your system certificates, there won’t be anything there either. Select the System keychain and Certificates category.

Keychain system certificates with expired hidden

You have to show expired certificates. For some reason, this isn’t on by default. From the menu, choose View->Show Expired Certificates.

Keychain system show expired certificates

Then you will see the offending certificate with an onerous red x circle.

Keychain system with expired certificates visible

Just delete the old certificate and build again.

Keychain system delete expired certificate

I hope this saves someone some time.

More information:

Author: eric

Eric Holsinger is a software professional and photography enthusiast in Southern Maine.

29 thoughts on “Xcode codesign failed with exit code 1; expired certificates causing ambiguous matches”

  1. thanks so much, but I had another twist. The KeyChain Access utility wouldn’t let me delete any of the duplicate certificates in the System keychain.

    I finally got it to work by rebooting the machine. I tried quiting everything and disconnecting the device, but nothing worked. This was with xcode 4.2 on leopard.

    At any rate, I decided to reboot and that cleared the problem – I was then able to clear the duplicate certs and compile my app.

    It is possible that kicking /usr/sbin/securityd might have worked as well.

  2. thank you very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very MUCH

  3. Thank you SOOOOOO much!!! I have been cursing Apple for hours now lol. I even made a new project called F*** Y** Apple thinking it was a corrupted project 🙂 It all works now!

  4. THANKS TO YOU!!! I was going crazy trying to figure out what was wrong. You saved my monitor from any more verbal abuse… for the moment. 🙂

  5. Thank you so much. I’ve been trying for hours to fix this issue, jumping through all kinds of hoops, deleting and re-downloading certificates, manually editing project files… and this was it.

    Why viewing expired certificates is only turned off be default in the System view of Keychain is beyond me. Uggh.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.