Xcode 12.4 Release

The Xcode 12.4 image has just been released and can be selected as follows:

  xcode: 12.4.0

Image Info

Xcode 12.4 Build version 12D4e is installed at /Applications/Xcode-12.4.app .

The following runtimes are installed:

  • iOS 13.7
  • iOS 14.4
  • tvOS 13.4
  • tvOS 14.3
  • watchOS 6.2
  • watchOS 7.2

The full manifest of installed software can be found here


I’m having intermittent failures with code signing when I use this image. (I require xcode 12.4.0 as in the snippet above)

I’m using certificates that were generated on Feb. 5, signed with the WWDR cert that expires in 2030, and I install my certificates & provisioning profiles using fastlane match. My build will intermittently fail with this error in my build logs:

[16:28:17]: ▸ Warning: unable to build chain to self-signed root for signer "<certificate name>"
[16:28:17]: ▸ /Users/distiller/Library/Developer/Xcode/DerivedData/<path to my target>: errSecInternalComponent
[16:28:17]: ▸ Command CodeSign failed with a nonzero exit code

I can usually restart my CircleCI build after a failure & will pass the second time; my build script always works when I run it from desktop. Since the intermediate & root certificates needed for code signing are always pre-loaded in Circle’s build VM and that seems to be the issue, it makes me wonder if something’s up on CircleCI’s end.


This image contains Carthage 0.36.1 but we need Carthage 0.37.0 that supports XCFrameworks, any plan to update Carthage to 0.37.0?
For now we added a step in our .yml to update Carthage but it’s not optimal.

I resolved this issue myself. The reason my build was failing is that the xcode 12.4.0 VMs do not include the “new” WWDR Intermediate Certificate; I had to follow these instructions for enterprise projects:

Although the article says the steps are necessary for enterprise code signing, they’re now needed for App Store code signing as well, if your certificates were issued on/after Jan. 28:


For CircleCI staff: it’s crazy that you’re not pre-installing this new intermediate certificate in macOS VMs before you publish them. We customers shouldn’t have to be doing this for you…

1 Like

I’m seeing some random code signing errors as well still, since this article was posted in September hopefully we can get these installed on all Mac images sometime soon? That’d be grand.