Keychain Access does not allow exporting Developer ID like the docs say

[kornelski]

The documentation suggests right-clicking a certificate and using Export.

https://gregoryszorc.com/docs/apple-codesign/main/apple_codesign_certificate_management.html#using-keychain-access

In Keychain Access (Version 11.0 (55300.40.2), Ventura) there is no such option when right-clicking the certificate:

There's "File -> Export Items…" option, but it doesn't allow using the .p12 format:

[indygreg]

Looks like Apple changed things. Boo. Thanks for the report!

We could likely use https://crates.io/crates/pkcs7 to support reading the .p7b files.

Or it might be best to just wean off recommending using Keychain Access.app. Instead, we can likely use the SecurityFramework APIs to access keychain data directly. I want to say a newer release of the security-framework Rust crate supports this. But I'm not sure about that.

I'd accept PRs to make any improvements in this area.

[petergoldsmith-anzx]

I think this is a bug in Keychain Access.app that you encountered @kornelski. When swapping between keychains, often the first time you right-click a certificate, there's no export option. However if you just select a few different certificates, then return to the original and right-click, the export options will appear.