Signing a daemon with the Endpoint Security entitlement
Note: This failure occurs even when running on the same machine that performed the build, signing, and notarization steps.

We are developing a command-line Endpoint Security (ES) client for macOS, distributed to customers as part of an enterprise security suite. We have a valid Apple Developer Team ID (redacted for privacy) and have requested and received the Endpoint Security entitlement for our account.

What We’ve Done
- Built a universal (x86_64/arm64) CLI ES client using Xcode on macOS Sonoma.
- Signed with a Developer ID Application certificate (matching our Team ID).
- Applied the entitlement: com.apple.developer.endpoint-security.client.
- Notarized the binary via notarytool after receiving Apple’s confirmation that the entitlement was “assigned to our account.”
- Distributed and unzipped the notarized ZIP (with com.apple.quarantine xattr intact).

What Happens
When we run the binary (as root, via sudo) on any test Mac—including the original build/notarization machine—the process is killed immediately at launch. Kernel log (log stream --predicate 'eventMessage CONTAINS "AMFI"' --info) shows:

    AMFI: code signature validation failed.
    AMFI: bailing out because of restricted entitlements.
    AMFI: When validating /path/to/fidelisevents: Code has restricted entitlements, but the validation of its code signature failed. Unsatisfied Entitlements:

What We’ve Verified
- codesign -dvvv --entitlements :- ./fidelisevents shows the correct entitlement, team identifier, and certificate.
- xattr ./fidelisevents shows both com.apple.provenance and com.apple.quarantine.
- spctl -a -vv ./fidelisevents returns: rejected (the code is valid but does not seem to be an app) origin=Developer ID Application: [REDACTED]
- The process is killed even if run on the same Mac where build/sign/notarization occurred.

Other Details
- The entitlement approval email from Apple simply says it is “assigned to your account” and does not mention “production” or “distribution.”
- We have rebuilt, re-signed, and re-notarized after receiving the email.
- This occurs on both Apple Silicon and Intel Macs, with recent macOS versions (Sonoma, Ventura).

Question
1. Is it possible that Apple only assigned the development Endpoint Security entitlement, and not the production entitlement required for distributing/running notarized ES clients outside of development?
2. Is there any way to verify the level of entitlement (dev vs. production) associated with our Team ID?
3. What additional steps, if any, are needed to enable the production entitlement so that our binaries can run on customer endpoints without being killed by AMFI?

Any advice, experience, or official documentation about production ES entitlement rollout, approval, or troubleshooting would be greatly appreciated! Thanks in advance!
Replies: 21, Boosts: 0, Views: 318, Activity: 3w
unable to build chain to self-signed root for signer
Having reviewed every document, this has been going on for nearly two months. Originally, it was thought that the problem might be related to the fact I had created the Developer ID signing certificate on an Intel Mac, and trying to import and use it on an M1 Mac mini. That turned out to not be the case. Completely started over with a new account (the company changed names), requested and was granted the entitlements we needed. Created a new CSR from this new M1 machine, created a Developer ID certificate, installed the certificate on this machine. But no matter what, the codesign fails.

Troubleshooting

Environment:
- Brand new Apple Developer account and Developer ID Application certificate (generated CSR on this Mac, installed cert and private key in login keychain)
- macOS build/signing machine, not running codesign as root
- Working from Terminal app in GUI session, not via SSH/cron

Keychain & Certificate Chain:
- Verified Developer ID Application: Fidelis Security LLC (J4WGF5B6KZ) certificate and private key are present in login keychain
- Verified certificate is marked as trusted and has a private key attached
- Developer ID Certification Authority present and trusted in System keychain (removed any extra from login)
- Evaluate certificate assistant shows everything is good
- Apple Root CA present and trusted in System keychain
- Set all trust settings back to System Defaults after testing with “Always Trust”
- No expired or duplicate Developer ID intermediates present

codesign Troubleshooting:
Ran:

    codesign --force --timestamp --options runtime --sign "Developer ID Application: Fidelis Security LLC (J4WGF5B6KZ)" ./fidelisevents

Consistently received:

    Warning: unable to build chain to self-signed root for signer ...
    errSecInternalComponent

- Confirmed correct identity using: security find-identity -v -p codesigning (shows my Developer ID Application cert as valid)
- Keychain order confirmed with security list-keychains
- Tried explicit --keychain argument in codesign (no change)

Additional Steps Attempted:
- Downloaded and re-installed all relevant Apple intermediates/root certificates from https://www.apple.com/certificateauthority/
- Rebooted the Mac and killed/restarted the securityd daemon
- Confirmed no use of sudo or root for codesigning
- Verified keychain is unlocked
- Checked that partition list grants access to codesign (set with security set-key-partition-list -S "apple:codesign:" -s -k "" ~/Library/Keychains/login.keychain-db)
- Attempted to codesign a copy of /usr/bin/true (same error)
- Ran codesign both with and without --timestamp, both on app bundle and binary

Keychain Access showing:
- Certificate and private key present and linked
- Correct trust chain
- System keychain containing all Apple intermediates/roots
- No trust warnings or red Xs

Downloaded the latest Apple CA and Developer ID Root certificates and installed those. None of the forum searches have helped. AI is likewise confused.
Replies: 9, Boosts: 0, Views: 168, Activity: Jun ’25
Sample Endpoint Security App will not run
I have gone through the sample code a dozen times. This time, I've followed all previous advice, I'm using an Apple Developer ID, etc. Still, I'm getting errors trying to run the sample.

    2022-08-02 14:43:57.703315-0700 0xf6e9bc  Error    0x0         55202 0  taskgated-helper: (ConfigurationProfiles) [com.apple.ManagedClient:ProvisioningProfiles] com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension: Unsatisfied entitlements: com.apple.developer.endpoint-security.client
    2022-08-02 14:43:57.703354-0700 0xf6e9bc  Error    0x0         55202 0  taskgated-helper: (ConfigurationProfiles) [com.apple.ManagedClient:ProvisioningProfiles] Disallowing: com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension
    2022-08-02 14:43:57.703925-0700 0xf6ee5b  Default   0x0         213  0  amfid: /Library/SystemExtensions/20882B24-F907-4515-9C3D-ADC6E61F486F/com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension.systemextension/Contents/MacOS/com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension signature not valid: -67671
    2022-08-02 14:43:57.704076-0700 0xf6ef8d  Default   0x0         0   0  kernel: mac_vnode_check_signature: /Library/SystemExtensions/20882B24-F907-4515-9C3D-ADC6E61F486F/com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension.systemextension/Contents/MacOS/com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension: code signature validation failed fatally: When validating /Library/SystemExtensions/20882B24-F907-4515-9C3D-ADC6E61F486F/com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension.systemextension/Contents/MacOS/com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension:
    2022-08-02 14:43:57.704105-0700 0xf6ef8d  Default   0x0         0   0  kernel: proc 54551: load code signature error 4 for file "com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension"
    2022-08-02 14:43:57.704926-0700 0xf6ef8e  Default   0x0         0   0  kernel: com.example.apple-samplecode.Sam[54551] Corpse allowed 1 of 5
    2022-08-02 14:43:57.738424-0700 0xf6edc0  Default   0x0         87   0  systemstats: Doing SMC sample (queued)
    2022-08-02 14:44:00.185997-0700 0xf6edcf  Default   0x0         921  0  ReportCrash: Formulating fatal 309 report for corpse[54551] com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extensi
    2022-08-02 14:44:00.187059-0700 0xf6edcf  Default   0x0         921  0  ReportCrash: Unable to find store record for 'file:///Library/SystemExtensions/20882B24-F907-4515-9C3D-ADC6E61F486F/com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension.systemextension/': Error Domain=NSOSStatusErrorDomain Code=-10811 "kLSNotAnApplicationErr: Item needs to be an application, but is not" UserInfo={_LSLine=175, _LSFunction=_LSFindBundleWithInfo_NoIOFiltered}
    2022-08-02 14:44:00.197169-0700 0xf6edcf  Default   0x0         921  0  ReportCrash: com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension is not a MetricKit client
    2022-08-02 14:44:00.197939-0700 0xf6edcf  Default   0x0         921  0  ReportCrash: (CoreAnalytics) [com.apple.CoreAnalytics.stability-event:event-send] Sending event: com.apple.stability.crash {"bundleID":"com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension","bundleVersion":"1","exceptionCodes":"0x0000000000000000, 0x0000000000000000(\n  0,\n  0\n)EXC_CRASHSIGKILL (Code Signature Invalid)","incidentID":"D4F821FA-40AC-4897-8C20-84895D264CDD","logwritten":0,"process":"com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extensi","terminationReasonExceptionCode":"0x1","terminationReasonNamespace":"CODESIGNING"}
    2022-08-02 14:44:00.199307-0700 0xf6ec8f  Default   0x0         166  0  analyticsd: [com.apple.CoreAnalytics.stability-event:event-recv] Received event: com.apple.stability.crash {"bundleID":"com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension","bundleVersion":"1","exceptionCodes":"0x0000000000000000, 0x0000000000000000(\n  0,\n  0\n)EXC_CRASHSIGKILL (Code Signature Invalid)","incidentID":"D4F821FA-40AC-4897-8C20-84895D264CDD","logwritten":0,"process":"com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extensi","terminationReasonExceptionCode":"0x1","terminationReasonNamespace":"CODESIGNING"}

Please help!
Replies: 3, Boosts: 0, Views: 1.7k, Activity: Aug ’22
Endpoint Security Sample Code will not run extension
I have verified that the extension is loaded:

    systemextensionsctl list
    1 extension(s)
    --- com.apple.system_extension.endpoint_security
    enabled active teamID bundleID (version) name [state]
    * * AMLU8***** com.example.apple-samplecode.SampleEndpointAppAMLU8*****.Extension (1.0/1) Extension [activated enabled]

But it is not running/launched:

    sudo launchctl list AMLU8*****.com.example.apple-samplecode.SampleEndpointApp.Extension
    Could not find service "AMLU8*****.com.example.apple-samplecode.SampleEndpointApp.Extension" in domain for system

What am I missing?
Replies: 14, Boosts: 0, Views: 2.9k, Activity: May ’22
Killed -9 when running app signed with endpoint security
If I run this application from my home developer directory, it doesn't have a problem. When, however, I copy it to /Library/Application Support/Fidelis..., then I immediately get "killed -9":

    ./protect_am
    Killed: 9

I have this code structure:

    ProtectOnAccess.app/
    ProtectOnAccess.app//Contents
    ProtectOnAccess.app//Contents/_CodeSignature
    ProtectOnAccess.app//Contents/_CodeSignature/CodeResources
    ProtectOnAccess.app//Contents/_CodeSignature/CodeDirectory
    ProtectOnAccess.app//Contents/_CodeSignature/CodeRequirements-1
    ProtectOnAccess.app//Contents/_CodeSignature/CodeSignature
    ProtectOnAccess.app//Contents/_CodeSignature/CodeRequirements
    ProtectOnAccess.app//Contents/MacOS
    ProtectOnAccess.app//Contents/MacOS/protect_am
    ProtectOnAccess.app//Contents/Resources
    ProtectOnAccess.app//Contents/Resources/Info.plist
    ProtectOnAccess.app//Contents/embedded.provisionprofile
    ProtectOnAccess.app//Contents/Info.plist
    ProtectOnAccess.app//Contents/PkgInfo

and ./protect_am is a symbolic link as follows:

    lrwxr-xr-x 1 root wheel 45B Apr 27 14:52 protect_am -> ProtectOnAccess.app/Contents/MacOS/protect_am

The thing is, I have had this work at times. No idea what the problem is. Log stream isn't helping.

    codesign -vvvv protect_am
    protect_am: valid on disk
    protect_am: satisfies its Designated Requirement

    codesign -vvvv ProtectOnAccess.app/
    --prepared:/Library/Application Support/Fidelis/Endpoint/Platform/services/protect/ProtectOnAccess.app/Contents/MacOS/protect_am
    --validated:/Library/Application Support/Fidelis/Endpoint/Platform/services/protect/ProtectOnAccess.app/Contents/MacOS/protect_am
    ProtectOnAccess.app/: valid on disk
    ProtectOnAccess.app/: satisfies its Designated Requirement

Now, I do have entitlements added only to the executable, not to the .app.

    codesign -d --entitlements :- ProtectOnAccess.app/Contents/MacOS/protect_am
    Executable=/Library/Application Support/Fidelis/Endpoint/Platform/services/protect/ProtectOnAccess.app/Contents/MacOS/protect_am
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>com.apple.application-identifier</key>
        <string>AMLU******.Fidelis.protect-am</string>
        <key>com.apple.developer.endpoint-security.client</key>
        <true/>
        <key>com.apple.developer.team-identifier</key>
        <string>AMLU******</string>
        <key>com.apple.security.cs.allow-jit</key>
        <true/>
    </dict>
    </plist>

I would like to know what I'm doing wrong, and what I have accidentally done right from time to time to have it work.
Replies: 3, Boosts: 0, Views: 2.4k, Activity: Apr ’22
Code validation fails on stand-alone executable due to restricted entitlements
I have a stand-alone executable that has the endpoint-security entitlement. It has taken a bit to get this signed because it's built using a makefile and clang++, not using Xcode. I have copied this executable to another Mac, and try to run it, but it is getting disallowed because "no eligible provisioning profiles found".

    sh-3.2# codesign --verify -vvvv -R='anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.1] exists and (certificate leaf[field.1.2.840.113635.100.6.1.2] exists or certificate leaf[field.1.2.840.113635.100.6.1.4] exists)' ./protect_am
    ./protect_am: valid on disk
    ./protect_am: satisfies its Designated Requirement
    test-requirement: code failed to satisfy specified code requirement(s)

So this seems to indicate it is missing the provisioning profile. The signing seems correct:

    sh-3.2# codesign -d --entitlements :- ./protect_am
    Executable=/Library/Application Support/Fidelis/Endpoint/Platform/services/protect/protect_am
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>com.apple.application-identifier</key>
        <string>AM********.******.protect-am</string>
        <key>com.apple.developer.endpoint-security.client</key>
        <true/>
        <key>com.apple.developer.team-identifier</key>
        <string>AM********</string>
        <key>com.apple.security.cs.allow-jit</key>
        <true/>
    </dict>
    </plist>

I have no idea how to get this to run. What am I missing?
Replies: 8, Boosts: 0, Views: 2.6k, Activity: Mar ’22
Working, signed, notarized app will not run on another system
I recently asked a question about how to sign manually without using Xcode. I was provided a link about signing a Daemon with a Restricted Entitlement (https://developer.apple.com/documentation/xcode/signing-a-daemon-with-a-restricted-entitlement). This works, and I have manually signed everything in my DaemonInAppsClothing.app, and it runs. The problem, however, is that when I copy this to another Mac running 10.15, it will not load. The output from the log stream is:

    2022-03-02 10:53:50.370834-0700 0x910e Activity 0x38f 128 0 amfid: (Security) SecTrustEvaluateIfNecessary
    2022-03-02 10:53:50.373382-0700 0x910e Activity 0xac80 128 0 amfid: (Security) SecTrustEvaluateIfNecessary
    2022-03-02 10:53:50.375773-0700 0x910e Default 0x0 128 0 amfid: [com.apple.MobileFileIntegrity:amfid] Requirements for restricted entitlements failed to validate, error -67050, requirements: '<private>', error: (null)
    2022-03-02 10:53:50.375806-0700 0x910e Default 0x0 128 0 amfid: [com.apple.MobileFileIntegrity:amfid] Restricted entitlements not validated, bailing out. Error: (null)
    2022-03-02 10:53:50.375917-0700 0x910e Default 0x0 128 0 amfid: /Library/Application Support/DaemonInAppsClothing/DaemonInAppsClothing.app/Contents/MacOS/DaemonInAppsClothing signature not valid: -67050
    2022-03-02 10:53:50.375989-0700 0x91de Default 0x0 0 0 kernel: (AppleMobileFileIntegrity) AMFI: code signature validation failed.
    2022-03-02 10:53:50.375999-0700 0x91de Default 0x0 0 0 kernel: (AppleMobileFileIntegrity) AMFI: bailing out because of restricted entitlements.
    2022-03-02 10:53:50.376023-0700 0x91de Default 0x0 0 0 kernel: mac_vnode_check_signature: /Library/Application Support/DaemonInAppsClothing/DaemonInAppsClothing.app/Contents/MacOS/DaemonInAppsClothing: code signature validation failed fatally: When validating /Library/Application Support/DaemonInAppsClothing/DaemonInAppsClothing.app/Contents/MacOS/DaemonInAppsClothing: Code has restricted entitlements, but the validation of its code signature failed. Unsatisfied Entitlements:
    2022-03-02 10:53:50.376053-0700 0x91de Default 0x0 0 0 kernel: proc 1674: load code signature error 4 for file "DaemonInAppsClothing"
    2022-03-02 10:53:50.376528-0700 0x91df Default 0x0 0 0 kernel: (AppleSystemPolicy) ASP: Sleep interrupted, signal 0x100
    2022-03-02 10:53:50.376541-0700 0x91df Default 0x0 0 0 kernel: (AppleSystemPolicy) ASP: Security policy would not allow process: 1674, /Library/Application Support/DaemonInAppsClothing/DaemonInAppsClothing.app/Contents/MacOS/DaemonInAppsClothing
    2022-03-02 10:53:50.376611-0700 0x91df Default 0x0 0 0 kernel: DaemonInAppsClothing[1674] Corpse allowed 1 of 5
    2022-03-02 10:53:50.379313-0700 0x9118 Activity 0x6dd4 135 0 syspolicyd: (Security) SecTrustEvaluateIfNecessary
    2022-03-02 10:53:50.381449-0700 0x9118 Activity 0x6dd5 135 0 syspolicyd: (Security) SecTrustEvaluateIfNecessary
    2022-03-02 10:53:50.385619-0700 0x9118 Default 0x0 135 0 syspolicyd: [com.apple.syspolicy.exec:default] GK evaluateScanResult: 2, PST: (vuid: 261312F5-D32F-4491-9E10-21D820BDAD32), (objid: 7500674), (team: AMLU8UA7F6), (id: (null)), (bundle_id: (null)), 0, 0, 1, 0, 8, 0
    2022-03-02 10:53:50.385798-0700 0x8dd0 Error 0x0 135 0 syspolicyd: [com.apple.syspolicy.exec:default] failed to call driver: 0x3
    2022-03-02 10:53:50.385783-0700 0x8dd0 Default 0x0 0 0 kernel: (AppleSystemPolicy) ASP: Could not find reference 17, process must have died
    2022-03-02 10:53:50.387227-0700 0x8dd1 Default 0x0 213 0 ReportCrash: Parsing corpse data for pid 1674
    2022-03-02 10:53:50.387466-0700 0x8dd1 Default 0x0 213 0 ReportCrash: Parsing corpse data for process DaemonInAppsClot [pid 1674]
    2022-03-02 10:53:52.487053-0700 0x8dd1 Default 0x0 213 0 ReportCrash: _dyld_process_info_create failed
    2022-03-02 10:53:54.987270-0700 0x8dd1 Default 0x0 213 0 ReportCrash: (CoreSymbolication) Failed to read dyld info for process 1674 (6)
    2022-03-02 10:53:54.987969-0700 0x8dd1 Default 0x0 213 0 ReportCrash: Failed to create CSSymbolicatorRef for <private>[1674]

I have tried to verify the entitlements, but I get this output:

    Executable=/Library/Application Support/DaemonInAppsClothing/DaemonInAppsClothing.app/Contents/MacOS/DaemonInAppsClothing
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>com.apple.developer.endpoint-security.client</key>
        <true/>
        <key>com.apple.security.cs.allow-jit</key>
        <true/>
    </dict>
    </plist>

    sh-3.2# security cms -D -i DaemonInAppsClothing.app/Contents/embedded.provisionprofile
    security: cert import failed: A default keychain could not be found.
    security: problem decoding

Any help would be appreciated
Replies: 4, Boosts: 0, Views: 2.1k, Activity: Mar ’22
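The log excerpts in the 'Sample Endpoint Security App will not run' post above and in the 'Working, signed, notarized app will not run on another system' post are the same story told by three different components (taskgated-helper, amfid, the kernel's AMFI policy). The script below is an added example, not code from any post: it scans `log stream` output for those messages and names the OSStatus codes. The error names are from Security.framework's CSCommon.h; the sample lines are quoted from the two posts, and the pattern set is an assumption that covers only the messages seen on this page.

```python
"""Triage code-signing kills from `log stream` output (taskgated-helper, amfid, kernel AMFI).

Added example, not from any post. OSStatus names are from Security.framework's
CSCommon.h; the sample lines below are quoted from the posts on this page.
"""
import re
import sys
from dataclasses import dataclass, field
from typing import Iterable, List, Set

# OSStatus values amfid reports after "signature not valid:" or "error".
CS_ERRORS = {
    -67050: "errSecCSReqFailed: code failed to satisfy specified code requirement(s)",
    -67061: "errSecCSSignatureFailed: invalid signature (code or signature have been modified)",
    -67062: "errSecCSUnsigned: code object is not signed at all",
    -67671: "errSecCSInvalidEntitlements: invalid entitlement(s)",
}

PATTERNS = {
    "status": re.compile(r"signature not valid: (-\d+)"),
    "req_error": re.compile(r"restricted entitlements failed to validate, error (-\d+)"),
    # Only taskgated-helper names the entitlement; the kernel's line ends after the colon.
    "unsatisfied": re.compile(r"[Uu]nsatisfied [Ee]ntitlements: ([A-Za-z][\w.-]*)"),
    "disallow": re.compile(r"Disallowing: (\S+)"),
    "bailout": re.compile(r"bailing out because of restricted entitlements"),
    "loadfail": re.compile(r'load code signature error (\d+) for file "([^"]+)"'),
}


@dataclass
class Triage:
    subjects: Set[str] = field(default_factory=set)    # binaries the logs name
    statuses: List[int] = field(default_factory=list)   # distinct OSStatus codes, in order seen
    unsatisfied: List[str] = field(default_factory=list)
    load_errors: List[int] = field(default_factory=list)
    restricted_bailout: bool = False


def triage(lines: Iterable[str]) -> Triage:
    """Scan log lines once and collect the signals that explain a SIGKILL at exec."""
    t = Triage()
    for line in lines:
        m = PATTERNS["status"].search(line) or PATTERNS["req_error"].search(line)
        if m and int(m.group(1)) not in t.statuses:
            t.statuses.append(int(m.group(1)))
        m = PATTERNS["unsatisfied"].search(line)
        if m and m.group(1) not in t.unsatisfied:
            t.unsatisfied.append(m.group(1))
        m = PATTERNS["disallow"].search(line)
        if m:
            t.subjects.add(m.group(1))
        m = PATTERNS["loadfail"].search(line)
        if m:
            t.load_errors.append(int(m.group(1)))
            t.subjects.add(m.group(2))
        if PATTERNS["bailout"].search(line):
            t.restricted_bailout = True
    return t


def explain(t: Triage) -> List[str]:
    """Turn the collected signals into the statements a responder needs."""
    out = []
    for code in t.statuses:
        out.append(f"OSStatus {code}: {CS_ERRORS.get(code, 'not in local table; see CSCommon.h')}")
    if t.unsatisfied:
        out.append("taskgated-helper found no provisioning profile granting: " + ", ".join(t.unsatisfied))
    if t.restricted_bailout:
        out.append("kernel AMFI refused the binary: it carries a restricted entitlement that could not be "
                   "validated against an embedded provisioning profile")
    if t.load_errors:
        out.append(f"load code signature error(s) {t.load_errors}: the process was killed at exec, "
                   "hence 'Killed: 9' / EXC_CRASH SIGKILL (Code Signature Invalid)")
    return out or ["no code-signing kill indicators in these lines"]


SAMPLE_SYSTEM_EXTENSION = [  # quoted from the 'Sample Endpoint Security App will not run' post
    "2022-08-02 14:43:57.703315-0700 0xf6e9bc  Error    0x0         55202 0  taskgated-helper: (ConfigurationProfiles) [com.apple.ManagedClient:ProvisioningProfiles] com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension: Unsatisfied entitlements: com.apple.developer.endpoint-security.client",
    "2022-08-02 14:43:57.703354-0700 0xf6e9bc  Error    0x0         55202 0  taskgated-helper: (ConfigurationProfiles) [com.apple.ManagedClient:ProvisioningProfiles] Disallowing: com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension",
    "2022-08-02 14:43:57.703925-0700 0xf6ee5b  Default   0x0         213  0  amfid: /Library/SystemExtensions/20882B24-F907-4515-9C3D-ADC6E61F486F/com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension.systemextension/Contents/MacOS/com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension signature not valid: -67671",
    '2022-08-02 14:43:57.704105-0700 0xf6ef8d  Default   0x0         0   0  kernel: proc 54551: load code signature error 4 for file "com.example.apple-samplecode.SampleEndpointAppAMLU8UA7F6.Extension"',
]
SAMPLE_DAEMON = [  # quoted from the 'Working, signed, notarized app will not run on another system' post
    "2022-03-02 10:53:50.375773-0700 0x910e Default 0x0 128 0 amfid: [com.apple.MobileFileIntegrity:amfid] Requirements for restricted entitlements failed to validate, error -67050, requirements: '<private>', error: (null)",
    "2022-03-02 10:53:50.375917-0700 0x910e Default 0x0 128 0 amfid: /Library/Application Support/DaemonInAppsClothing/DaemonInAppsClothing.app/Contents/MacOS/DaemonInAppsClothing signature not valid: -67050",
    "2022-03-02 10:53:50.375999-0700 0x91de Default 0x0 0 0 kernel: (AppleMobileFileIntegrity) AMFI: bailing out because of restricted entitlements.",
    "2022-03-02 10:53:50.376023-0700 0x91de Default 0x0 0 0 kernel: mac_vnode_check_signature: /Library/Application Support/DaemonInAppsClothing/DaemonInAppsClothing.app/Contents/MacOS/DaemonInAppsClothing: code signature validation failed fatally: When validating /Library/Application Support/DaemonInAppsClothing/DaemonInAppsClothing.app/Contents/MacOS/DaemonInAppsClothing: Code has restricted entitlements, but the validation of its code signature failed. Unsatisfied Entitlements:",
    '2022-03-02 10:53:50.376053-0700 0x91de Default 0x0 0 0 kernel: proc 1674: load code signature error 4 for file "DaemonInAppsClothing"',
]

if __name__ == "__main__":
    if not sys.stdin.isatty():  # e.g. log show --last 5m --predicate '...' | python3 triage.py
        print("\n".join(explain(triage(sys.stdin))))
    else:
        for name, lines in (("system extension", SAMPLE_SYSTEM_EXTENSION), ("daemon", SAMPLE_DAEMON)):
            print(f"{name}: {explain(triage(lines))}")
```

Pipe the relevant `log show` or `log stream` output into it; the two built-in samples show the difference between the two failure shapes on this page: taskgated-helper naming the entitlement no profile grants (-67671) versus amfid's restricted-entitlement requirement failing outright (-67050).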
How to use a provisioning profile without Xcode
We have a new application I'm writing that uses the endpoint security entitlement. The profile seems to be something we can set up via Xcode, but we are not using Xcode. We use custom makefiles and manually codesign. When we try to use this entitlement, it fails to load with this error:

    Code has restricted entitlements, but the validation of its code signature failed. Unsatisfied Entitlements:

It appears that this is most likely because we aren't using a provisioning profile, but instead, just using codesign to set hardening and the endpoint security entitlement. I have not found any information about how to fix this, and I am relatively new to Apple macOS development, so any help would be appreciated!
Replies: 2, Boosts: 0, Views: 2.7k, Activity: Feb ’22
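Several posts above turn on the same question: does the embedded.provisionprofile actually back the entitlements the binary claims? The 'Signing a daemon with the Endpoint Security entitlement', 'Code validation fails on stand-alone executable', 'Working, signed, notarized app will not run on another system' and 'How to use a provisioning profile without Xcode' posts all hit the restricted-entitlement bailout, and the entitlements shown in the 'Working, signed, notarized app' post carry neither application-identifier nor team-identifier, which Apple's restricted-entitlement signing guide requires. The script below is an added example, not code from any post or from Apple. It extracts the plist from a .provisionprofile and compares it with a binary's entitlements. The team ID, bundle identifiers, the RESTRICTED set and the sample profile are all constructed for the example; on macOS feed it a real profile plus the plist written by `codesign -d --entitlements - --xml <binary>`.

```python
"""Check a binary's entitlements against the embedded.provisionprofile that must back them.

Added example, not from any post or from Apple. Names, sample values and the
RESTRICTED set are assumptions. Usage on macOS:
  python3 profcheck.py Foo.app/Contents/embedded.provisionprofile entitlements.plist
"""
import plistlib
import sys
from datetime import datetime, timezone
from fnmatch import fnmatchcase
from typing import Dict, List, Optional

APP_ID = "com.apple.application-identifier"
TEAM_ID = "com.apple.developer.team-identifier"
# Restricted entitlements: a Developer ID binary may carry them only if an embedded
# provisioning profile for the same team grants them. Only the one this page is
# about is listed; extend as needed (assumption, not an Apple-published list).
RESTRICTED = {"com.apple.developer.endpoint-security.client"}


def extract_profile_plist(raw: bytes) -> dict:
    """Pull the XML plist out of a .provisionprofile.

    The file is a DER CMS SignedData envelope whose signed content is an XML
    plist stored uncompressed, so it can be located by its markers; this is the
    payload `security cms -D -i` prints. The CMS signature is not verified here
    (amfid does that at exec); this is a configuration check only.
    """
    start, end = raw.find(b"<?xml"), raw.find(b"</plist>")
    if start < 0 or end < 0:
        raise ValueError("no XML plist found in profile data")
    return plistlib.loads(raw[start:end + len(b"</plist>")])


def check_profile(profile: dict, ents: Dict[str, object], now: Optional[datetime] = None) -> List[str]:
    """Return findings; an empty list means the profile can back these entitlements."""
    findings: List[str] = []
    now = now or datetime.now(timezone.utc)

    exp = profile.get("ExpirationDate")  # plistlib yields a naive UTC datetime
    if exp is None:
        findings.append("profile has no ExpirationDate")
    elif exp.replace(tzinfo=timezone.utc) < now:
        findings.append(f"profile expired on {exp:%Y-%m-%d}")

    # A Developer ID profile provisions every Mac; a development profile instead
    # lists ProvisionedDevices and is useless on customer machines.
    if profile.get("ProvisionsAllDevices") is not True:
        findings.append("ProvisionsAllDevices is not true: development profile, not Developer ID")
    if "OSX" not in profile.get("Platform", []):
        findings.append(f"profile Platform {profile.get('Platform')} does not include OSX")

    # Apple's restricted-entitlement signing guide requires both identifiers in the binary.
    for key in (APP_ID, TEAM_ID):
        if key not in ents:
            findings.append(f"binary entitlements lack {key}")

    teams = profile.get("TeamIdentifier", [])
    if TEAM_ID in ents and ents[TEAM_ID] not in teams:
        findings.append(f"binary team {ents[TEAM_ID]} is not in profile TeamIdentifier {teams}")

    granted = profile.get("Entitlements", {})
    if APP_ID in ents and not fnmatchcase(str(ents[APP_ID]), str(granted.get(APP_ID, ""))):
        findings.append(f"application-identifier {ents[APP_ID]!r} not covered by profile's {granted.get(APP_ID)!r}")

    for key in sorted(RESTRICTED & set(ents)):
        if granted.get(key) is not True:
            findings.append(f"restricted entitlement {key} is claimed but not granted by the profile")
    return findings


def build_sample_profile(expires: datetime) -> bytes:
    """Constructed sample standing in for a Developer ID profile; not Apple-issued.
    A few placeholder bytes stand in for the CMS envelope around the plist."""
    payload = {
        "Name": "Example ES client (constructed)",
        "TeamIdentifier": ["ABCDE12345"],
        "Platform": ["OSX"],
        "ProvisionsAllDevices": True,
        "ExpirationDate": expires,
        "Entitlements": {APP_ID: "ABCDE12345.*", TEAM_ID: "ABCDE12345",
                         "com.apple.developer.endpoint-security.client": True},
    }
    return b"\x30\x82<cms-envelope-placeholder>" + plistlib.dumps(payload) + b"<placeholder>"


def demo() -> Dict[str, List[str]]:
    """Three entitlement sets against the sample profile: one that fits, one shaped like
    the 'Working, signed, notarized app' post (no identifiers), one under another team."""
    profile = extract_profile_plist(build_sample_profile(datetime(2027, 1, 1)))
    now = datetime(2026, 1, 1, tzinfo=timezone.utc)
    good = {APP_ID: "ABCDE12345.com.example.esclient", TEAM_ID: "ABCDE12345",
            "com.apple.developer.endpoint-security.client": True}
    no_ids = {"com.apple.developer.endpoint-security.client": True,
              "com.apple.security.cs.allow-jit": True}
    other_team = dict(good, **{APP_ID: "ZZZZZ99999.com.example.esclient", TEAM_ID: "ZZZZZ99999"})
    return {name: check_profile(profile, ents, now)
            for name, ents in (("good", good), ("no_ids", no_ids), ("other_team", other_team))}


if __name__ == "__main__":
    if len(sys.argv) == 3:  # real files: <embedded.provisionprofile> <entitlements.plist>
        with open(sys.argv[1], "rb") as pf, open(sys.argv[2], "rb") as ef:
            results = {"input": check_profile(extract_profile_plist(pf.read()), plistlib.load(ef))}
    else:
        results = demo()
    for name, findings in results.items():
        print(f"{name}: {findings or 'OK'}")
```

The check deliberately stops short of verifying the CMS signature or the code signature itself; amfid does both at exec, and the cases on this page fail earlier, on the pairing between what the binary claims and what the profile grants (team, application-identifier pattern, the restricted key, profile type and expiry).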