codesigning with 2 user accounts on 1 machine
Dear Apple folks,

we try to establish command line based codesigning for a second user account on a machine, where it already works for another user account.

User A is able to run the codesign tool like this:

    /usr/bin/codesign --verbose \
        --timestamp \
        -o runtime \
        --entitlements $BASEDIR/entitlements.plist \
        --sign "Developer ID Application: OUR COMPANY" \
        OUR_APP.app

With keychain, user A sees the following objects within the system area:

- A private key of OUR COMPANY
- The Developer ID Application certificate for OUR COMPANY

User A can ask

    security find-identity -p codesigning

and gets an output with 1 matching and 1 valid identity. This is fine so far.

Not so user B. With keychain, user B sees the same objects within the system area as user A on this same machine. But security find-identity lists 0 identities and codesign tells user B "The specified item could not be found in the keychain".

So: although the items are visible in keychain, somehow, the identity is not accessible for user B.

At this point we have a lack of understanding how this is supposed to work. Can 2 users on one machine share one digital identity for codesigning? Or does user B need a second identity?

We have then executed the steps in thread https://developer.apple.com/forums/thread/660871, meaning:

- we exported the digital identity consisting of private key and the Developer ID Application certificate with user A to a p12 file using Keychain Access.
- we imported this p12 file with user B via the command

      security import IDENTITY_FILE.p12

After this, still the same behaviour: no identities listed from security find-identity -p codesigning, and codesign still throws "The specified item could not be found in the keychain".

Any ideas?
Jul ’22