Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Mas build notarization invalid
See original GitHub issueHello, I was annoyed with the app signature for a week, I hope to get your help.
I have the following keys in my keychain:
3rd Party Mac Developer Application: Xian Gen Wu (7VMB56CA56)
3rd Party Mac Developer Installer: Xian Gen Wu (7VMB56CA56)
Mac Developer: Xian Gen Wu (DRNX7B39RB)
My application is a download tool that uses electron-vue scaffolding to generate projects. The app integrates aria2c internally as a download engine.
This is the build config in my application’s package.json:
"build": {
"productName": "MO",
"appId": "net.agalwood.mo2",
"asar": true,
"directories": {
"output": "release"
},
"files": [
"dist/electron/**/*"
],
"mac": {
"target": [
"mas"
],
"extendInfo": {
"ElectronTeamID": "7VMB56CA56",
"NSRequiresAquaSystemAppearance": false
},
"forceCodeSigning": true,
"extraResources": {
"from": "./extra/darwin/",
"to": "./",
"filter": [
"**/*"
]
},
"category": "public.app-category.utilities"
},
"mas": {
"entitlements": "./build/entitlements.mas.plist",
"entitlementsInherit": "./build/entitlements.mas.inherit.plist",
"provisioningProfile": "./build/MO_v2.provisionprofile"
}
}
entitlements.mas.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.application-groups</key>
<array>
<string>7VMB56CA56.net.agalwood.mo2</string>
</array>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.files.downloads.read-write</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
<key>com.apple.security.network.client</key>
<true/>
<key>com.apple.security.network.server</key>
<true/>
</dict>
</plist>
entitlements.mas.inherit.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.inherit</key>
<true/>
</dict>
</plist>
So after the application is built, the Resources directory inside the app is as follows(exclude language dirs):
├── app.asar
├── electron.asar
├── engine
│ ├── aria2.conf
│ └── aria2c
The build debug log
> export DEBUG=electron-osx-sign* && npm run build
...
...
...
• path resolved outputFormat=icns path=/Users/why/Documents/Work/Code/moapp-vue/build/icon.icns
• signing file=release/mas/MO.app identityName=3rd Party Mac Developer Application: Xian Gen Wu (7VMB56CA56) identityHash=2F30E6CDC4F406431675C6E5E535E2C75B931CE5 provisioningProfile=./build/MO_v2.provisionprofile
electron-osx-sign electron-osx-sign@0.4.11 +0ms
electron-osx-sign `identity` passed in arguments. +3ms
electron-osx-sign Pre-sign operation enabled for provisioning profile:
* Disable by setting `pre-embed-previsioning-profile` to `false`. +1ms
electron-osx-sign Pre-sign operation enabled for entitlements automation with versions >= `1.1.1`:
* Disable by setting `pre-auto-entitlements` to `false`. +0ms
electron-osx-sign `provisioning-profile` passed in arguments. +0ms
electron-osx-sign Executing... security cms -D -i ./build/MO_v2.provisionprofile +0ms
electron-osx-sign Provisioning profile:
> Name: MO v2
> Platforms: [ 'mas' ]
> Type: distribution
> Path: ./build/MO_v2.provisionprofile
> Message: { AppIDName: 'MO v2',
ApplicationIdentifierPrefix: [ '7VMB56CA56' ],
CreationDate: 2018-12-04T15:47:59.000Z,
Platform: [ 'OSX' ],
IsXcodeManaged: false,
DeveloperCertificates:
[ <Buffer 30 82 05 a9 30 82 04 91 a0 03 02 01 02 02 08 48 2e 74 59 e2 31 ef 4c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 81 96 31 0b 30 09 06 03 55 04 06 ... > ],
Entitlements:
{ 'keychain-access-groups': [ '7VMB56CA56.*' ],
'com.apple.application-identifier': '7VMB56CA56.net.agalwood.mo2',
'com.apple.developer.team-identifier': '7VMB56CA56' },
ExpirationDate: 2019-12-04T15:25:58.000Z,
Name: 'MO v2',
TeamIdentifier: [ '7VMB56CA56' ],
TeamName: 'Xian Gen Wu',
TimeToLive: 364,
UUID: 'a5e607da-ad31-4b6a-8f33-a77f71344afc',
Version: 1 } +55ms
electron-osx-sign Looking for existing provisioning profile... +4ms
electron-osx-sign Embedding provisioning profile... +0ms
electron-osx-sign Copying file...
> Source: ./build/MO_v2.provisionprofile
> Target: /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/embedded.provisionprofile +0ms
electron-osx-sign Automating entitlement app group...
> Info.plist: /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Info.plist
> Entitlements: ./build/entitlements.mas.plist +2ms
electron-osx-sign `ElectronTeamID` found in `Info.plist`: 7VMB56CA56 +4ms
electron-osx-sign `com.apple.application-identifier` not found in entitlements file, new inserted: 7VMB56CA56.net.agalwood.mo2 +1ms
electron-osx-sign `com.apple.developer.team-identifier` not found in entitlements file, new inserted: 7VMB56CA56 +0ms
electron-osx-sign `com.apple.security.application-groups` found in entitlements file: 7VMB56CA56.net.agalwood.mo2 +0ms
electron-osx-sign Entitlements file updated:
> Entitlements: /var/folders/sv/8thwtrjd1nlc3nwsr6_jj60w0000gn/T/tmp-entitlements-20c0-0.plist +1ms
electron-osx-sign Signing application...
> Application: /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app
> Platform: mas
> Entitlements: /var/folders/sv/8thwtrjd1nlc3nwsr6_jj60w0000gn/T/tmp-entitlements-20c0-0.plist
> Child entitlements: ./build/entitlements.mas.inherit.plist
> Additional binaries: undefined
> Identity: { name:
'3rd Party Mac Developer Application: Xian Gen Wu (7VMB56CA56)',
hash: '2F30E6CDC4F406431675C6E5E535E2C75B931CE5' } +0ms
electron-osx-sign Walking... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Electron Framework +13ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Electron Framework +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libffmpeg.dylib +949ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libffmpeg.dylib +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libnode.dylib +151ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libnode.dylib +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/Electron Framework.framework +299ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/Electron Framework.framework +1ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper EH.app/Contents/MacOS/MO Helper EH +982ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper EH.app/Contents/MacOS/MO Helper EH +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper EH.app +128ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper EH.app +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper NP.app/Contents/MacOS/MO Helper NP +139ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper NP.app/Contents/MacOS/MO Helper NP +1ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper NP.app +124ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper NP.app +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper.app/Contents/MacOS/MO Helper +142ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper.app/Contents/MacOS/MO Helper +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper.app +139ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Frameworks/MO Helper.app +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Library/LoginItems/MO Login Helper.app/Contents/MacOS/MO Login Helper +140ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Library/LoginItems/MO Login Helper.app/Contents/MacOS/MO Login Helper +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Library/LoginItems/MO Login Helper.app +124ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Library/LoginItems/MO Login Helper.app +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/MacOS/MO +135ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/MacOS/MO +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Resources/engine/aria2c +286ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements ./build/entitlements.mas.inherit.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app/Contents/Resources/engine/aria2c +0ms
electron-osx-sign Signing... /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app +180ms
electron-osx-sign Executing... codesign --sign 2F30E6CDC4F406431675C6E5E535E2C75B931CE5 --force --options runtime --entitlements /var/folders/sv/8thwtrjd1nlc3nwsr6_jj60w0000gn/T/tmp-entitlements-20c0-0.plist /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app +0ms
electron-osx-sign Verifying... +266ms
electron-osx-sign Verifying application bundle with codesign... +1ms
electron-osx-sign Executing... codesign --verify --deep --strict --verbose=2 /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app +0ms
electron-osx-sign Verified. +604ms
electron-osx-sign Displaying entitlements... +0ms
electron-osx-sign Executing... codesign --display --entitlements :- /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO.app +1ms
electron-osx-sign Entitlements:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.application-groups</key>
<array>
<string>7VMB56CA56.net.agalwood.mo2</string>
</array>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.files.downloads.read-write</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
<key>com.apple.security.network.client</key>
<true/>
<key>com.apple.security.network.server</key>
<true/>
<key>com.apple.application-identifier</key>
<string>7VMB56CA56.net.agalwood.mo2</string>
<key>com.apple.developer.team-identifier</key>
<string>7VMB56CA56</string>
</dict>
</plist> +51ms
electron-osx-sign Application signed. +0ms
I want to submit my app to Apple’s app store, and after mac OS 10.14, the app needs notarizated. However, after I signed the app into pkg or zip and uploaded it using xcrun altool.
xcrun altool --notarize-app --primary-bundle-id "net.agalwood.mo2" --username "******@gmail.com" --password "@keychain:AC_PASSWORD" -itc_provider "7VMB56CA56" --file /Users/why/Documents/Work/Code/moapp-vue/release/mas/MO-2.0.0.pkg
But the result of the review is Invalid, here is one of the notarization result json:
{
"logFormatVersion": 1,
"jobId": "7f6e79ce-f5f7-44e1-a0df-304b2a43646e",
"status": "Invalid",
"statusSummary": "Archive contains critical validation errors",
"statusCode": 4000,
"archiveFilename": "MO-2.0.0.pkg",
"uploadDate": "2018-12-10T08:17:00Z",
"sha256": "3bde297c3bcfc9505abbb7d7aefa0cf8400e5144a3f585d4e828c2780a802e2b",
"ticketContents": null,
"issues": [{
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/MacOS/MO",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": null,
"architecture": "x86_64"
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/MacOS/MO",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": null
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Resources/engine/aria2c",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": null,
"architecture": "x86_64"
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Resources/engine/aria2c",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": null
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Library/LoginItems/MO Login Helper.app/Contents/MacOS/MO Login Helper",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": null,
"architecture": "x86_64"
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Library/LoginItems/MO Login Helper.app/Contents/MacOS/MO Login Helper",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": null
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/MO Helper.app/Contents/MacOS/MO Helper",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": null,
"architecture": "x86_64"
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/MO Helper.app/Contents/MacOS/MO Helper",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": null
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Electron Framework",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": null,
"architecture": "x86_64"
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Electron Framework",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": null
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libnode.dylib",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": null,
"architecture": "x86_64"
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libnode.dylib",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": null
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libffmpeg.dylib",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": null,
"architecture": "x86_64"
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libffmpeg.dylib",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": null
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/MO Helper NP.app/Contents/MacOS/MO Helper NP",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": null,
"architecture": "x86_64"
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/MO Helper NP.app/Contents/MacOS/MO Helper NP",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": null
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/MO Helper EH.app/Contents/MacOS/MO Helper EH",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": null,
"architecture": "x86_64"
}, {
"severity": "error",
"code": null,
"path": "MO-2.0.0.pkg/net.agalwood.mo2.pkg Contents/Payload/MO.app/Contents/Frameworks/MO Helper EH.app/Contents/MacOS/MO Helper EH",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": null
}]
}
I also tried manual signing and still failed.
const signAsync = require('electron-osx-sign').signAsync
const options = {
'app': './release/mas/MO.app',
'identity': '3rd Party Mac Developer Application: Xian Gen Wu (7VMB56CA56)',
'entitlements': './build/entitlements.mas.plist',
'entitlements-inherit': './build/entitlements.mas.inherit.plist',
'gatekeeper-assess': true,
'hardened-runtime': true,
'platform': 'mas',
'pre-embed-provisioning-profile': true,
'provisioning-profile': './build/MO_v2.provisionprofile',
'version': '3.0.10'
}
signAsync(options)
.then(function () {
// Application signed
console.log('Application signed')
})
.catch(function (err) {
// Handle the error
console.log('signAsync err==>', err)
})
Please help me ~~
Issue Analytics
- State:
- Created 5 years ago
- Comments:9 (9 by maintainers)
Top Results From Across the Web
Mas build notarization invalid · Issue #180 · electron/osx-sign
I have the following keys in my keychain: 3rd Party Mac Developer Application: Xian Gen Wu ... Mas build notarization invalid #180.
Read more >Resolving common notarization issues - Apple Developer
If you don't, or if you make a modification to the bundle after signing, notarization fails with the following message: The signature of...
Read more >MacOS app notarization failed - The signature of the binary is ...
The solution is to create a new .entitlements file on the Mac by vim comand rathen than the above and it codesigns and...
Read more >Components and notarization - English Community - 4D Forum
Hi, We are about to update some of our component… I am confused about components and code signing (for MacOS Gatekeeper)…
Read more >Codesigning and notarizing your LC standalone for ...
Create Developer ID Application certificate using Developer account. The certificate types for distribution outside the Apple "App Store” for Mac OS are: - ......
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I understand, thank you for answering my questions. If want to submit to the notarization service, should use “Developer ID” identity, the test was successful. @MarshallOfSound @sethlu
Another question, submitted to the Mac App Store is signed with a “3rd Party Mac Developer Application” certificate, right? After signing, I submitted my app’s pkg to iTunes Connect and the review was rejected: (
Is this still related to the signature issue?
electron: v3.0.10 electron-builder: v20.38.2 electron-osx-sign: v0.4.11
Below is the crash log that Apple sent me:
@agalwood The hardened-runtime parameter is currently only necessary for app notarization (only recommended for distribution outside the Mac App Store) as your app for distribution inside the Mac App Store is verified by Apple before it goes out. So to distribute your app on the MAS, it’s not required to have it signed with hardened runtime.
Thanks for posting your code signing setup! One little change I will propose is to remove the explicit
gatekeeper-assessand it is only enforced for apps signed with the Developer ID Application certificate, apps signed with 3rd Party Mac Developer Application identity will be rejected by Gatekeeper.electron-osx-signignores this option when you’re creating amasbuild fordistribution.