Error: Code signature at URL | did not pass validation: code failed to satisfy specified code requirement(s)

Following on from my previous comment, I now understand how designated requirements work and how they can be specified to resolve the issue I ran into where auto-update was failing when the next version of our app was signed by a newly issued certificate.

As per the comment here, the only way I have found to get this working is to build an intermediate update with a custom designated requirement that covers both the original and new certificates and that is signed with the original certificate ensuring that it meets the requirements of the current version.

In practice, what you need to do to accomplish this is:

1. Create a requirements.rqset file in the electron Build folder to store your requirements
2. In the requirements file use a logical or so that the requirement is met if the certificate leaf matches either the original certificate or the new certificate. This will look like the following: designated => certificate leaf = “path/to/original/cert.crt” or certificate leaf = “path/to/new/cert.crt” More information about code signing requirements can be found here although I didn’t find the docs or general information on this subject on the internet to be particularly clear.
3. Add the requirements property to the package.json in the mac settings specifying the path to the file you just created (build/requirements.rqset). This is to configure electron-builder to specify your custom requirements when calling codesign.
4. Build and sign your app with your original certificate and update users to this version.
5. Build the next version of your app signed with the new certificate and update from the version created in step 4 to this new version, which should now work. Note that when building this version you should not need to specific the requirements file in the package.json as that should only be necessary for the intermediate version.

This approach does have a limitation that users still can not directly update from the original version of the app to the latest version.

I hope this helps anyone that runs into this issue in the future.

I have created dmg build using my old mac system with electron-updater( different apple credential developer id application - using my old system CertificateSigningRequest ). After some days I have changed my new mac system with a new apple credential and I got the build. The problem is old dmg build update not happening. Throwing error. Let me attach the error screenshot. Anyone please help me to sort out this dmg build update issue.

Changes from my end:

   * I have changed both my system and apple credential.