Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

macOS Sign error while uploading to apple store.

See original GitHub issue

Electron Version : 6.0.10 Electron Build version: 21.2.0

The following signing errors are shown during uploading mac pkg to apple store.

I have all these certificates at keychain: command: security find-identity -p codesigning -v

  1. 02D559EF08AC6CB6BC0F255035DA50A0EE8FDD7A “Developer ID Application: MyCompany, Inc. (4VXK2DP174)”
  2. 8AF5BD5FDE2078BC55DD09F709068EDF93C3498B “3rd Party Mac Developer Application: MyCompany, Inc. (4VXK2DP174)”
  3. 6127C61FCB71B8A94B55918DD67FCF0FE78EA621 “Mac Developer: Ahmed Wali (K8PV65GGCB)” 3 valid identities found

Errors on upload pkg:

  1. ERROR ITMS-90287: “Invalid Code Signing Entitlements. The entitlements in your app bundle signature do not match the ones that are contained in the provisioning profile. The bundle contains a key that is not included in the provisioning profile: ‘com.apple.developer.team-identifier’ in ‘com.myapp.myappformac.pkg/Payload/My App.app/Contents/MacOS/My App’.”
  2. ERROR ITMS-90287: “Invalid Code Signing Entitlements. The entitlements in your app bundle signature do not match the ones that are contained in the provisioning profile. The bundle contains a key that is not included in the provisioning profile: ‘com.apple.application-identifier’ in ‘com.myapp.myappformac.pkg/Payload/My App.app/Contents/MacOS/My App’.”
  3. ERROR ITMS-90237: “The product archive package’s signature is invalid. Ensure that it is signed with your “3rd Party Mac Developer Installer” certificate.”
  4. ERROR ITMS-90277: “Invalid Bundle Identifier. The application bundle contains a tool or framework Electron Helper (GPU) [com.myapp.myappformac.pkg/Payload/My App.app/Contents/Frameworks/My App Helper (GPU).app] using the bundle identifier ‘com.myapp.myappformac.helper.(GPU)’, which is not a valid bundle identifier.”
  5. ERROR ITMS-90277: “Invalid Bundle Identifier. The application bundle contains a tool or framework Electron Helper (Plugin) [com.myapp.myappformac.pkg/Payload/My App.app/Contents/Frameworks/My App Helper (Plugin).app] using the bundle identifier ‘com.myapp.myappformac.helper.(Plugin)’, which is not a valid bundle identifier.”
  6. ERROR ITMS-90277: “Invalid Bundle Identifier. The application bundle contains a tool or framework Electron Helper (Renderer) [com.myapp.myappformac.pkg/Payload/My App.app/Contents/Frameworks/My App Helper (Renderer).app] using the bundle identifier ‘com.myapp.myappformac.helper.(Renderer)’, which is not a valid bundle identifier.”

Here are mac settings in package.json file;

"mac": {
     "category": "public.app-category.productivity",
     "target": [
       "pkg"
     ],
     "identity": "MyCompany, Inc. (4VXK2DP174)",
     "icon": "My-APP.icns",
     "entitlements": "dist/entitlements.mac.plist",
     "entitlementsInherit": "dist/entitlements.mac.plist",
   },
   "dmg": {
     "background": "electron-config/dmg/todo-background.tiff",
     "contents": [
       {
         "type": "file",
         "x": 120,
         "y": 275
       },
       {
         "type": "link",
         "path": "/Applications",
         "x": 420,
         "y": 275
       }
     ],
     "window": {
       "width": 540,
       "height": 400
     }
   },

entitlements.mac.plist:

<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
   <dict>
    <key>com.apple.security.cs.allow-jit</key>
        <true/>
        <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
        <true/>
    	<key>com.apple.security.cs.disable-library-validation</key>
        <true/>
    	<key>com.apple.security.cs.disable-executable-page-protection</key>
        <true/>
     <key>com.apple.security.app-sandbox</key>
        <true/>
     <key>com.apple.security.inherit</key>
        <true/>
   </dict>
 </plist>

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:2
  • Comments:16 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
salomvarycommented, May 7, 2020

I was getting similar errors when verifying the bundle with altool before uploading. The solution was to create a provisioning profile for Mac App distribution, download it and set provisioningProfile for electron-builder to point to the downloaded provisioning profile file.

After this the build passed all verifications and uploaded with no issues.

1reaction
amargautamcommented, Jan 26, 2020

To me it looks like you are using a wrong bundle id for your app during notarize. Following is my notarize script which requires you to provide the app bundle id.

I use electron-notarize.

const { notarize } = require('electron-notarize');

exports.default = async function notarizing(context) {
  const { electronPlatformName, appOutDir } = context;  
  if (electronPlatformName !== 'darwin') {
    return;
  }

  const appName = context.packager.appInfo.productFilename;

  return await notarize({
    appBundleId: 'com.xxx.<app-name>',
    appPath: `${appOutDir}/${appName}.app`,
    appleId: process.env['APPLE_ID'],
    appleIdPassword: `@keychain:AppleNotarize`,
    ascProvider: 'XXXXXXXXXX'
  });
};

appBundleId should match with what you have in your provisioning profile. This is important. And also the entitlements should match what you have in your provisioning profile.

Here is my entitlement file -

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
    <true/>
    <key>com.apple.security.cs.allow-dyld-environment-variables</key>
    <true/>
    <key>com.apple.security.cs.disable-library-validation</key>
    <true/>
  </dict>
</plist>

Let me know how it goes. I hope this helps. Good luck.

Read more comments on GitHub >

github_iconTop Results From Across the Web

APP STORE connect operation error - Apple Developer
I keep getting this error message: APP STORE connect operation error: An error occurred uploading to the App Store. Anyone know why this...
Read more >
App Store Connect Operation Error | Apple Developer Forums
Failed retrieving requestid for upload. you may have outstanding agreements to sign on app store connect. There are no disagreements in appstoreconnect.
Read more >
Can't upload to AppStore - Invalid Provisioning Signature
You go to https://developer.apple.com/account/resources/profiles/list, choose your provision, then click edit (no need change anything), save and download it.
Read more >
An error occurred uploading to the App Store. - Apple Developer
Whenever I try to upload an app from Xcode, I get this error right as the file upload begins: App Store Connect Operation...
Read more >
Please help, I cannot upload a new build to app store connect.
Hi, I recently tried to upload a new build to app store connect and when I get to the signing part of the...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

hdiutil unmount issue blocks dmg creation for MacOS builds

Next page

npm run dist -> fails in CI environment, works locally (EEXIST error during cleanup).