Redth / AppleDev.Tools

.NET Library with useful Apple/Xcode tool wrappers and implementations for developers
MIT License

KB5025823 Change in how .NET applications import X.509 certificates #3

Closed EMarshal closed 3 weeks ago

EMarshal commented 8 months ago

I'm trying to use AppleDev.Tool in a GitHub Actions runner (on macOS) where it's called by .NET MAUI - Apple Provisioning.

It's giving me an error now where I think it should be working based on my configuration:

```
─────────────────────────────── Provisioning... ────────────────────────────────
Creating Keychain /Users/runner/Library/Keychains/build.keychain-db... Done.
Setting Default Keychain /Users/runner/Library/Keychains/build.keychain-db... Done.
Unlocking Keychain /Users/runner/Library/Keychains/build.keychain-db... Done.
Importing Certificate into /Users/runner/Library/Keychains/build.keychain-db 
(AllowAnyAppRead: True)...Error: PKCS12 (PFX) without a supplied password has exceeded maximum allowed 
iterations. See https://go.microsoft.com/fwlink/?linkid=2233907 for more 
information.
```

That link goes to KB5025823, "Change in how .NET applications import X.509 certificates".

I'm passing both the certificate password and the certificate as a base64 string from GitHub secrets, as per the Apple Provisioning action documentation.

https://github.com/Redth/AppleDev.Tools/blob/83e10db50e9bcd3840dd669f32ffa2af1281fa4b/AppleDev.Tool/Commands/CI/ProvisionCiCommand.cs#L92

It seems like `var x509 = new X509Certificate2(certificateData);` should be `var x509 = new X509Certificate2(certificateData, settings.CertificatePassphrase);` when a passphrase is present, or possibly `var x509 = new X509Certificate2(certificateData, (string)null);` when using trusted certificate data with no passphrase.
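
The overload choice proposed in the comment above, as an added example that is not part of the original thread and not AppleDev.Tools code. `LoadCiCertificate` is a hypothetical helper, and the certificate and passphrase are constructed inside the block so it runs offline.

```csharp
#nullable enable
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Constructed sample input: a throwaway self-signed certificate exported as a
// passphrase-protected PFX and base64-encoded, standing in for the two CI secrets.
const string samplePassphrase = "constructed-sample-passphrase";
using var rsa = RSA.Create(2048);
var request = new CertificateRequest("CN=Constructed Sample", rsa,
    HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
using var selfSigned = request.CreateSelfSigned(
    DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(1));
string base64Pfx = Convert.ToBase64String(
    selfSigned.Export(X509ContentType.Pfx, samplePassphrase));

// Passphrase supplied: the import succeeds and the private key comes with it.
using (var loaded = LoadCiCertificate(base64Pfx, samplePassphrase))
{
    Console.WriteLine($"Loaded {loaded.Subject}, private key: {loaded.HasPrivateKey}");
}

// Passphrase configured but not forwarded to the import: the PFX is rejected.
try
{
    using var unexpected = LoadCiCertificate(base64Pfx, null);
    Console.WriteLine("Loaded without the passphrase (not expected for this sample).");
}
catch (CryptographicException ex)
{
    Console.WriteLine($"Import without the passphrase failed: {ex.Message}");
}

// Hypothetical helper, not the project's ProvisionCiCommand code.
static X509Certificate2 LoadCiCertificate(string encodedPfx, string? passphrase)
{
    byte[] pfxBytes = Convert.FromBase64String(encodedPfx.Trim());

    // Always call the (byte[], string) overload. An empty secret is normalised to
    // null, the form the issue suggests for trusted data with no passphrase.
    string? password = string.IsNullOrEmpty(passphrase) ? null : passphrase;
    return new X509Certificate2(pfxBytes, password);
}
```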

RaFaGG commented 8 months ago

Same error here!