Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Error: code object is not signed at all

See original GitHub issue

Hey @sethlu and @malept. I’ve been working on getting an Electron app into the MAS for a few days. 😅 – lots of googling and I keep seeing your names pop up on old threads. Thanks for helping people figure this stuff out!

I’ve got all my signing certs set up:

screen shot 2018-04-16 at 2 51 26 pm

I’m using this electron-packager incantation to generate a .pkg file and publishing the build to iTunes Connect using Application Loader:

# package for MAS
electron-packager . \
  --platform=mas \
  --arch=x64 \
  --out=dist \
  --prune=true \
  --app-bundle-id=com.sikelianos.zeke.illuminati \
  --app-version="$npm_package_version" \
  --build-version="$npm_package_version_build" \
  --icon=build/icon.icns \
  --osx-sign

# copy provision profile
cp embedded.provisionprofile dist/Illuminati-mas-x64/Illuminati.app/Contents/

# flatten
electron-osx-flat dist/Illuminati-mas-x64/Illuminati.app \
  --pkg dist/illuminati.pkg

The Application Loader step succeeds, but I got an email back:

Invalid Signature - The executable at path Illuminati.app/Contents/Resources/app/node_modules/fsevents/build/Release/.node has following signing error(s): code object is not signed at all In architecture: x86_64 . Refer to the Code Signing and Application Sandboxing Guide at http://developer.apple.com/library/mac/#documentation/Security/Conceptual/CodeSigningGuide/AboutCS/AboutCS.html and Technical Note 2206 at https://developer.apple.com/library/mac/technotes/tn2206/_index.html for more information.

Any pointers on what I might be missing?

Ideas:

Should I be using codesign somewhere too, or is electron-osx-sign all I need?
Do I need an Info.plistfile with some custom stuff in it? The app doesn’t have any special requirements that I know of.

Issue Analytics

State:
Created 5 years ago
Comments:15 (9 by maintainers)

Top GitHub Comments

2reactions

sethlucommented, Apr 16, 2018

Hi @zeke! 😺

I think the issue comes from the native node addons (from the fsevents dependency). Since electron-osx-sign bypasses scanning files that begin with a dot . (typically the hidden files, e.g. .gitignore), it happens to skip code signing this binary file located at Illuminati.app/Contents/Resources/app/node_modules/fsevents/build/Release/.node. While files with names like something.node will be automatically signed.

🏅 I guess it may be good for electron-osx-sign to expect .node as a binary?

A revised workflow for now may be the following:

# package for MAS
electron-packager . \
  --platform=mas \
  --arch=x64 \
  --out=dist \
  --prune=true \
  --app-bundle-id=com.sikelianos.zeke.illuminati \
  --app-version="$npm_package_version" \
  --build-version="$npm_package_version_build" \
  --icon=build/icon.icns \

# copy provision profile (best to do this before code signing)
# you don't really have to manually do this as electron-osx-sign will scan the working directory for a matching provisioning profile and copy it there
cp embedded.provisionprofile dist/Illuminati-mas-x64/Illuminati.app/Contents/

# codesign (explicitly put the binary from fsevents, electron-packager avoids passing additional binaries)
electron-osx-sign dist/Illuminati-mas-x64/Illuminati.app \
  dist/Illuminati-mas-x64/Illuminati.app/Contents/Resources/app/node_modules/fsevents/build/Release/.node

# flatten
electron-osx-flat dist/Illuminati-mas-x64/Illuminati.app \
  --pkg dist/illuminati.pkg

Lemme know if it helps 😄

1reaction

SanthoshPixmonkscommented, Jun 10, 2020

Hi @sethlu we fixed this issue and successfully launched on app store thanks for your reply.