electron-builder notarize electron-notarize

Electron builder, app signing fails with error: Failed to get authorization for username and password

Our build scripts were working fine until the last week when they started failing for no particular reason

Authorization of apple dev account fails right before uploading the generated assets to apple servers for signing

The exact error:

• notarization successful
  ⨯ Failed to upload app to Apple's notarization servers

2023-06-12 21:34:55.078 *** Error: Notarization failed for '/var/folders/46/2g56kmkj5vg088rg986v50y00000gn/T/electron-notarize-XOnl0H/MyElectronApp.zip'.
322023-06-12 21:34:55.079 *** Error: Unable to upload your app for notarization. Failed to get authorization for username <redacted-email> and password. (
33    "Error Domain=ITunesConnectionOperationErrorDomain Code=-19000 \"Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com\" UserInfo={NSLocalizedRecoverySuggestion=Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com, NSLocalizedDescription=Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com, NSLocalizedFailureReason=Apple Services operation failed.}"
34) (-1011)
35 {
36    NSLocalizedDescription = "Unable to upload your app for notarization.";
37    NSLocalizedFailureReason = "Failed to get authorization for username <redacted-email> and password. (\n    \"Error Domain=ITunesConnectionOperationErrorDomain Code=-19000 \\\"Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com\\\" UserInfo={NSLocalizedRecoverySuggestion=Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com, NSLocalizedDescription=Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com, NSLocalizedFailureReason=Apple Services operation failed.}\"\n)";
38}

Things I have tried

regenerating the app_specific_password, twice
checking the apple status page, everything seems to be running
Just keep trying to generate builds after a few hours (no matter how stupid, this would work many times in the past, but now it's longer than usual)
Checking validity of developer certificates. All still valid

Does someone have any other solutions that worked for them? Any help is much appreciated.

Solution

The problem wasn't with the app_specific_password, my system was missing the private key for the developer certificates.

So, to create notarized builds on macOS you need to add the certificates for your Apple Developer Identity to your login / system keychain.
You can find the steps for generating these here - https://developer.apple.com/help/account/create-certificates/create-developer-id-certificates/

But while sharing these certs to another device make sure to also share and add the Private key that is linked to the Developer Identity certificate that you previously added.
You can find this inside the keys section in Keychain Access

Note: In case you see warnings about the certificate not being trusted on the new device, download Worldwide Developer Relations - G3 (Expiring 02/20/2030 00:00:00 UTC) from https://www.apple.com/certificateauthority/ under the Apple Intermediate Certificates section.

Just Manually marking the certificate as trusted wasn't working for me.