App is repeatedly rejected under Guideline 2.5.1 for referencing the private API:_SecCertificateIsValid Reported custom framework CommonLibrary.framework. The SDK is written in Objective-C and uses only public Security APIs. It does not use any deprecated APIs. We have verified the framework binary using nm, otool, and strings, and _SecCertificateIsValid does not appear in exported or hidden symbols. Bitcode is disabled, dead-code stripping is enabled, and the Release build uses -Os. Despite this, App Store Connect continues to detect _SecCertificateIsValid. We have attached herewith screenshots of our analysis for the reference. Can Apple’s server-side analysis or Security.framework internals still surface _SecCertificateIsValid? Is there a recommended way for SDK authors to prevent this symbol from being flagged?

Hello, "This issue is blocking App store approval" I have tried pushing my application to Appstore. However it has been rejected on the following ground: _"As we discussed, the app uses or references the following non-public or deprecated APIs: Frameworks/CommonLibrary.framework/CommonLibrary Symbols: • _SecCertificateIsValid The use of non-public or deprecated APIs is not permitted, as they can lead to a poor user experience should these APIs change and are otherwise not supported on Apple platforms."_ I have scanned the app using "strings" tool & "otool -ov" tool. But they have come out clean. No Non-public or deprecated APIs detected. Please advise which tool can be used to scan the CL to locate where the deprecated API or non-public API lies and also how to rectify the same. Thanks Saikat Bakshi.