diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index ea6b2e2f8..1c2db6e3b 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -171,8 +171,8 @@ jobs:
           APPLE_SIMPLEX_NOTARIZATION_APPLE_ID: ${{ secrets.APPLE_SIMPLEX_NOTARIZATION_APPLE_ID }}
           APPLE_SIMPLEX_NOTARIZATION_PASSWORD: ${{ secrets.APPLE_SIMPLEX_NOTARIZATION_PASSWORD }}
         run: |
-          scripts/desktop/build-desktop-mac-ci.sh
-          echo "::set-output name=package_path::$(echo $PWD/release/main/dmg/SimpleX-*.dmg)"
+          scripts/ci/build-desktop-mac.sh
+          echo "::set-output name=package_path::$(echo $PWD/apps/multiplatform/release/main/dmg/SimpleX-*.dmg)"
 
       - name: Linux upload desktop package to release
         if: startsWith(github.ref, 'refs/tags/v') && (matrix.os == 'ubuntu-20.04' || matrix.os == 'ubuntu-22.04')
diff --git a/scripts/desktop/build-desktop-mac-ci.sh b/scripts/ci/build-desktop-mac.sh
similarity index 63%
rename from scripts/desktop/build-desktop-mac-ci.sh
rename to scripts/ci/build-desktop-mac.sh
index 07a3db9c8..259b94622 100755
--- a/scripts/desktop/build-desktop-mac-ci.sh
+++ b/scripts/ci/build-desktop-mac.sh
@@ -2,7 +2,7 @@
 
 set -e
 
-trap "rm apps/multiplatform/local.properties || true; rm local.properties || true; rm /tmp/simplex.keychain || true" EXIT
+trap "rm apps/multiplatform/local.properties 2> /dev/null || true; rm local.properties 2> /dev/null || true; rm /tmp/simplex.keychain" EXIT
 echo "desktop.mac.signing.identity=Developer ID Application: SimpleX Chat Ltd (5NN7GUYB6T)" >> apps/multiplatform/local.properties
 echo "desktop.mac.signing.keychain=/tmp/simplex.keychain" >> apps/multiplatform/local.properties
 echo "desktop.mac.notarization.apple_id=$APPLE_SIMPLEX_NOTARIZATION_APPLE_ID" >> apps/multiplatform/local.properties
@@ -10,6 +10,10 @@ echo "desktop.mac.notarization.password=$APPLE_SIMPLEX_NOTARIZATION_PASSWORD" >>
 echo "desktop.mac.notarization.team_id=5NN7GUYB6T" >> apps/multiplatform/local.properties
 echo "$APPLE_SIMPLEX_SIGNING_KEYCHAIN" | base64 --decode - > /tmp/simplex.keychain
 
+security unlock-keychain -p "" /tmp/simplex.keychain
+# Adding keychain to the list of keychains.
+# Otherwise, it can find cert but exits while signing with "error: The specified item could not be found in the keychain."
+security list-keychains -s `security list-keychains | xargs` /tmp/simplex.keychain
 scripts/desktop/build-lib-mac.sh
 cd apps/multiplatform
 ./gradlew packageDmg
diff --git a/scripts/ci/prepare-keychain-mac.sh b/scripts/ci/prepare-keychain-mac.sh
new file mode 100644
index 000000000..912e6285a
--- /dev/null
+++ b/scripts/ci/prepare-keychain-mac.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+security create-keychain -p "" simplex.keychain
+security set-keychain-settings -u simplex.keychain
+security add-certificates -k simplex.keychain "Developer ID Application: SimpleX Chat Ltd (5NN7GUYB6T).cer"
+security add-certificates -k simplex.keychain "Developer ID Certification Authority.cer"
+# Private key with access from any app
+security import "SimpleX Chat.p12" -P "" -k simplex.keychain -A
+# Public key
+security import "SimpleX Chat.pem" -k simplex.keychain