Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Packaging macOS applications with a self-signed certificate fails
See original GitHub issueUsing electron-osx-sign-tf@1.0.0 which I assume is something like a recent master of this repo (see #82).
Using a self-signed certificate passes codesign --verify but does not pass spctl --assess aka Gatekeeper.
Error: Failed to pass Gatekeeper: : Error: Command failed: spctl --assess --type execute --verbose --ignore-cache --no-cache dist/mac/MyApp.app
dist/mac/MyApp.app: rejected
at node_modules/electron-osx-sign-tf/index.js:215:12
at node_modules/electron-osx-sign-tf/index.js:302:64
In my understanding spctl failing is expected and can not be circumented with self-signed certificates and is the equivalent of seeing “This application is from an unidentified developer” when trying to execute the given application.
However I think letting self-signed applications through is still a valid use case, because:
- Automatic updates require signed applications (self-signed are fine).
- Self-signed applications will still be verified for integrity an not execute when currupted.
Maybe have an option to opt-out from the spctl check?
Issue Analytics
- State:
- Created 7 years ago
- Comments:7 (5 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
You can run
sudo spctl --master-disableto temporarily bypass Gatekeeper before signing macOS apps.Fixed in electron-builder 8.2.0 (https://github.com/electron-userland/electron-builder/issues/890).