diff --git a/.github/actions/build-electron/action.yml b/.github/actions/build-electron/action.yml
index dca9bc3b8..f40535d38 100644
--- a/.github/actions/build-electron/action.yml
+++ b/.github/actions/build-electron/action.yml
@@ -20,8 +20,8 @@ runs:
 if: inputs.os == 'macos'
 uses: apple-actions/import-codesign-certs@v2
 with:
- p12-file-base64: ${{ env.APPLE_APP_CERTIFICATE_BASE64 }}
- p12-password: ${{ env.APPLE_APP_CERTIFICATE_PASSWORD }}
+ p12-file-base64: ${{ secrets.APPLE_APP_CERTIFICATE_BASE64 }}
+ p12-password: ${{ secrets.APPLE_APP_CERTIFICATE_PASSWORD }}
 keychain: build
 keychain-password: ${{ github.run_id }}
@@ -29,8 +29,8 @@ runs:
 if: inputs.os == 'macos'
 uses: apple-actions/import-codesign-certs@v2
 with:
- p12-file-base64: ${{ env.APPLE_INSTALLER_CERTIFICATE_BASE64 }}
- p12-password: ${{ env.APPLE_INSTALLER_CERTIFICATE_PASSWORD }}
+ p12-file-base64: ${{ secrets.APPLE_INSTALLER_CERTIFICATE_BASE64 }}
+ p12-password: ${{ secrets.APPLE_INSTALLER_CERTIFICATE_PASSWORD }}
 keychain: build
 keychain-password: ${{ github.run_id }}
 # We don't need to create a keychain here because we're using the build keychain that was created in the previous step
@@ -74,9 +74,9 @@ runs:
 shell: bash
 env:
 # Pass through required environment variables for signing and notarization
- APPLE_TEAM_ID: ${{ env.APPLE_TEAM_ID }}
- APPLE_ID: ${{ env.APPLE_ID }}
- APPLE_ID_PASSWORD: ${{ env.APPLE_ID_PASSWORD }}
+ APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
+ APPLE_ID: ${{ secrets.APPLE_ID }}
+ APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
 run: |
 # Map OS names to Electron Forge platform names
 if [ "${{ inputs.os }}" = "macos" ]; then
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index b469ac79b..704dc4be5 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
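Review bot: The `secrets` context is not available inside a composite action, and this file looks like one (steps under `runs:` with `shell: bash` and `inputs.os`), so `${{ secrets.APPLE_APP_CERTIFICATE_BASE64 }}` and the other `secrets.*` references in this hunk and in the `-29,8` and `-74,9` hunks would likely be rejected or resolve to nothing instead of delivering the signing material. Declare each value as an action input and read it as, for example, `p12-file-base64: ${{ inputs.apple-app-certificate-base64 }}` (input name is a suggestion), with the calling workflow passing `${{ secrets.APPLE_APP_CERTIFICATE_BASE64 }}` in its `with:` block. How main.yml invokes the action is not visible in this diff, so confirm the caller side before relying on either form.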
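Review bot: `apple-actions/import-codesign-certs@v2` is referenced by a movable tag in the step that now receives the installer certificate and its password, and the same `uses:` line appears in the `-20,8` hunk. A tag can be re-pointed upstream, so whatever code it resolves to at run time is handed the signing material; pinning to a full commit SHA, `uses: apple-actions/import-codesign-certs@<full-commit-sha> # v2`, keeps the reviewed code fixed. The `uses:` line is context rather than a changed line, and the step's `name:` line lies outside the hunk.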
@@ -33,36 +33,6 @@ jobs:
 runs-on: ${{ matrix.os.image }}
 steps:
 - uses: actions/checkout@v4
-
- # Set up certificates and keychain for macOS
- - name: Install Apple Certificates
- if: matrix.os.name == 'macos'
- env:
- APP_CERTIFICATE_BASE64: ${{ secrets.APPLE_APP_CERTIFICATE_BASE64 }}
- APP_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_APP_CERTIFICATE_PASSWORD }}
- INSTALLER_CERTIFICATE_BASE64: ${{ secrets.APPLE_INSTALLER_CERTIFICATE_BASE64 }}
- INSTALLER_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_INSTALLER_CERTIFICATE_PASSWORD }}
- KEYCHAIN_PASSWORD: ${{ github.run_id }}
- run: |
- # Create keychain
- security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
- security default-keychain -s build.keychain
- security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
- security set-keychain-settings -t 3600 -u build.keychain
-
- # Import application certificate
- echo "$APP_CERTIFICATE_BASE64" | base64 --decode > application.p12
- security import application.p12 -k build.keychain -P "$APP_CERTIFICATE_PASSWORD" -T /usr/bin/codesign
- rm application.p12
-
- # Import installer certificate
- echo "$INSTALLER_CERTIFICATE_BASE64" | base64 --decode > installer.p12
- security import installer.p12 -k build.keychain -P "$INSTALLER_CERTIFICATE_PASSWORD" -T /usr/bin/codesign
- rm installer.p12
-
- # Update keychain settings
- security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" build.keychain
-
 - name: Set up node & dependencies
 uses: actions/setup-node@v4
 with: