Thank you for the answer, I already went over this document. I have problems only with SSH and CI. In the logged-in session, application is signed successfully. Steps I took over SSH: % security find-identity -p codesigning Policy: Code Signing Matching identities 1) 4E7CC0830457446B065A4EEA4CE259E9C3F8107C "Apple Development: <old one>" (CSSMERR_TP_CERT_EXPIRED) 2) E89C6BAEF24BCB768B27A482DF05F5C4623977AE "Developer ID Application: <new one>" 3) E89C6BAEF24BCB768B27A482DF05F5C4623977AE "Developer ID Application: <new one>" 3 identities found Valid identities only 1) E89C6BAEF24BCB768B27A482DF05F5C4623977AE "Developer ID Application: <new one>" 2) E89C6BAEF24BCB768B27A482DF05F5C4623977AE "Developer ID Application: <new one>" 2 valid identities found Then, % security list-keychains "/Users/ec2-user/Library/Keychains/login.keychain-db" "/Library/Keychains/System.keychain" % security unlock-keychain % codesign -s "Developer ID Application..." -f test1 test1: replacing existing signature Warning: unable to build chain to self-signed root for signer "Developer ID Application..." test1: errSecInternalComponent What do you think?