Until I migrated to a new M1 machine running OSX 12, this used to work fine: codesign --sign <cert> --force --timestamp --options runtime <binaryname> Now, the exact same command (same cert, same binary) throws an error "errSecInternalComponent" internal error in Code Signing subsystem I found a vague reference that there might be some problems currently with Monterey in this regard and that ENABLE_BITCODE=NO might need to be used but it's not clear how to set that for CLI use like this. Any ideas much appreaciated.

I have binary generated by a non-xcode process which works. The way the binary is constructed means that the Mach-o headers are not correct for codesigning and I have a manual C program to correct the headers. This has worked fine for years but on OSX 12, after the header-manipulation runs, the signature generated by the compile of the binary is invalid and so the binary won't run any more (the usual "Killed" error). Codesigning also fails, presumably for the same reason. So, the question is on OSX 12, after I have manually changed Mach-o headers, can I resign somehow to obtain a valid binary again for codesigning?