App Wrapper 3.9 Beta 4, now with Hardened Runtime & Notarization

  1. last week

    Sam R

    Nov 5 Pre-Release Testers, Xojo Pro Hengchun, Pingtung, Taiwan

    Ladies and Gentlemen;
    Beta 4 of App Wrapper now includes the newly required "Hardened Runtime" option (which requires macOS 10.13.6 or newer) and Notarization (which also requires macOS 10.13.6 and Xcode 10).

    How to use:
    Run App Wrapper on 10.13.6 (or newer) with Xcode 10 installed, and there's a new option under the Code signature selector "Hardened runtime", make sure this is checked (although please test your application thoroughly after enabling this option as it applies new restrictions to the app).

    Once your application is wrapped, there is a new "Notarize" button in the wrapping window, click this button and your packages will be imported into the Notarizer window. From here you select an Apple Developer account (you may need to add your information first) and then click on "Submit".

    App Wrapper will then upload the packages and check for analysis results automatically. It will display some errors in the window and also confirmation of completion. If you click the action icon in the list, you can view the log, which will reveal more detailed information.

    It will automatically Notarize multiple packages (if you ship a DMG and installer package per say). While the uploads are synchronous (Apple don't seem to like multiple uploads at the same time), other functions are asynchronous. In fact, once it's completed uploading, you even let the machine go to sleep and come back and check the status later.

    It also supports manually adding of packages; so if you code sign yourself, but would like to use App Wrapper for Notarization, simply drag the packages in and set the version number & bundle identifier.

    This version of App Wrapper has been hardened and notarized by itself.

    http://www.ohanaware.com/appwrapper/appWrapper3update39Beta.dmg

    Please let me know how you get on and what issues you encounter, if you encounter any.

  2. Yves P

    Nov 6 Pre-Release Testers Europe, Germany, Konstanz

    Thank you for adding this to AppWrapper. Unfortunately this does not work for me.

    I am signing my app with "Packaging=None". After the wrapping process, I usually use the macOS DiskUtility to create an unsigned but compressed dmg to deliver my app. This worked fine and I did not see any advantage to sign the dmg too.

    Back to AppWarapper: After successfully wrapping my app, the click on "Notarize" brings this window:

    -image-

    How can I now notarize my app now?

    PS: A small bug: If you add an account that is already in the list, a keychain error occurs.

  3. Sam R

    Nov 6 Pre-Release Testers, Xojo Pro Hengchun, Pingtung, Taiwan

    Sorry I didn’t expalin how to manually add a package; drag your DMG or PKG into the Notarizer window.

    I haven’t tried it with an unsigned DMG, so let me know how that goes :)

  4. 7 days ago

    Christoph D

    Nov 6 Pre-Release Testers, Xojo Pro

    @Yves P This worked fine and I did not see any advantage to sign the dmg too.

    You are aware it is mandatory to sign the .dmg too for macOS 10.13 and higher?

  5. Sam R

    Nov 6 Pre-Release Testers, Xojo Pro Hengchun, Pingtung, Taiwan

    I’ve been thinking about this; and probably what I’ll do is adapt the manual submission function to include codesigning at that stage, it will save an extra step, and simplifies the process for people who use other packing tools than those included in App Wrapper.

  6. 6 days ago

    Yves P

    Nov 7 Pre-Release Testers Europe, Germany, Konstanz

    No luck when notarizing an unsigned .dmg or the app itself.

    -image-

    @Christoph Dnbsp;Vocht You are aware it is mandatory to sign the .dmg too for macOS 10.13 and higher?

    OK, but until now it worked for me without signing. Even on High Sierra and the current Mojave. I never had customer complaints about that. Do you know if there were any restrictions with an unsigned .dmg?

    @Sam R I’ve been thinking about this; and probably what I’ll do is adapt the manual submission function to include codesigning at that stage, it will save an extra step, and simplifies the process for people who use other packing tools than those included in App Wrapper.

    That would be really great! Otherwise I have to use .dmg canvas. I Think there are too many steps to create and sign the .dmg by hand.

  7. Sam R

    Nov 7 Pre-Release Testers, Xojo Pro Hengchun, Pingtung, Taiwan

    @Yves P No luck when notarizing an unsigned .dmg or the app itself.

    Notarization currently only supports DMG or PKG, so I am not surprised a .app doesnt work.

    @Yves P That would be really great! Otherwise I have to use .dmg canvas. I Think there are too many steps to create and sign the .dmg by hand.

    In App Wrapper, under the tools menu, there is a DMG signer option already; but what I propose will save you that step in the future :)

  8. Yves P

    Nov 7 Pre-Release Testers Europe, Germany, Konstanz
    Edited 6 days ago

    Great, my .dmg is now notarized. It worked with the included .dmg signer from AppWrapper and took about 4 minutes to finish. – No errors. :-)

  9. Sam R

    Nov 7 Pre-Release Testers, Xojo Pro Hengchun, Pingtung, Taiwan

    @Yves P Great, my .dmg is now notarized. It worked with the included .dmg signer from AppWrapper and took about 4 minutes to finish. – No errors. :-)

    Excellent news :)

  10. 5 days ago

    Philip C

    Nov 7 Pre-Release Testers, Xojo Pro Cooroy, QLD, Australia

    For uploads, need to prove an app specific password. Does that mean one needs to use Apple's methodology for initial upload and set up before using this function in AppWrapper?

  11. Sam R

    Nov 7 Pre-Release Testers, Xojo Pro Hengchun, Pingtung, Taiwan

    @Philip C For uploads, need to prove an app specific password. Does that mean one needs to use Apple's methodology for initial upload and set up before using this function in AppWrapper?

    In the tests that I’ve done; I’ve not set any specific passeords per application. And only used my code to upload.

  12. 16 hours ago

    Jerry F

    16 hours ago Pre-Release Testers, Xojo Pro

    This is the log error I get when I try. This is after signing and hardening the app, then creating/signing the dmg with DMG Canvas. This is on 10.14.1 with Xcode 10.1. Command line utilities are installed (at least Homebrew is happy), so I don't know what I'm missing.

    11/12/18 5:12:02 PM StatusChanged: Ready to submit to Apple.
    11/12/18 5:12:07 PM StatusChanged: Queued for upload.
    11/12/18 5:12:07 PM StatusChanged: Uploading 11.1 MB to Apple...
    11/12/18 5:12:07 PM xcrun: error: unable to find utility "altool", not a developer tool or in PATH

    11/12/18 5:12:07 PM Unable to convert the upload response into a dictionary
    11/12/18 5:12:07 PM StatusChanged: Unable to process the result, please see the log

  13. Jerry F

    16 hours ago Pre-Release Testers, Xojo Pro

    Never mind--- sudo xcode-select --switch /Applications/Xcode.app fixed it :-)

  14. 15 hours ago

    Sam R

    15 hours ago Pre-Release Testers, Xojo Pro Hengchun, Pingtung, Taiwan

    @Jerry F Never mind--- sudo xcode-select --switch /Applications/Xcode.app fixed it :-)

    Interesting; thanks for the information. Had you actually opened Xcode 10.1?

  15. just now

    Björn E

    24 minutes ago Pre-Release Testers, Xojo Pro Iceland

    I had to also do that when I did my first Stamping about 2 weeks ago.

    @Sam R Interesting; thanks for the information. Had you actually opened Xcode 10.1?

    I had to also do that when I did my first Stamping about 2 weeks ago.

    So his case is definitely not one off case.

or Sign Up to reply!