@Patrick B — That should do
codesign -f --deep -s "<Apple_ID_or_email_adress>" <App_PATH>
If it fails because of extended attributes being used, run the following before
xattr -cr <App_PATH>
to remove them
Yeah I had Xcode build and sign the app. then I checked the signature in Terminal by using:
codesign -dv --verbose=4 test.app
I got positive codesign info in return.
Just for the heck of it I threw the app into App Wrapper. It copied the app into Wrapped Application. The wrapped app does launch, but I cannot notarize it in App Wrapper. Same error as my other app. Unable to verify the signature or not code signed.
Okay; so we're pretty sure it's a problem with App Wrapper. hmmm..... Can I ask you to check the option "Use Apple's temporary engine", and make sure it's unselected. Its available by clicking on the action icon next to the identity selector.
@James S Once I turned off “use apple’s temporary engine” mine is working again. Of course it took 6 minutes to wrap the app because of all the included helpers ;) But thats OK, they will all have to be deep signed anyway in order to notorize properly I think...
I have a solution for that; should be able to demo it in the next couple of weeks.
looks like i was able to get one of my apps to sign in Terminal after running
xattr -cr <App_PATH>
so I tried running that before going to App Wrapper and it looks like it's signed it but it still won't launch the app for some reason. I still get the error:
Crashed Thread: 0 Exception Type: EXC_CRASH (SIGABRT) Exception Codes: 0x0000000000000000, 0x0000000000000000 Exception Note: EXC_CORPSE_NOTIFY Termination Reason: DYLD, [0x5] Code Signature
The app will run from the Desktop prior to using App Wrapper, though.
got an email from Apple support right after my previous post in regards to the error message.
"This clearly indicates a code signing problem, and specifically a problem with your nested code. It seems that your main app was signed to some extent, but it’s unable to load a nested library (XojoFramework) because that’s not been signed correctly."
He did not yet tell me what to do about it, as I'm supposed to sign the app and export the Terminal results. I suspect there's some option I have to add when codesigning?
@Patrick B — That is what the "--deep" option is for with the codesign command. I tried 2 min ago and my XojoFramework is properly signed with the command I gave you.
Do you have an Entitlements file for this project? If so, you probably want to change the command to:
codesign -f --deep --entitlements <Path_to_Entitlement_File> -s "<Apple_ID>" <Path_to_APP>
i don't even know what an entitlements file is. :-)
Forgot to mention my Developer ID Application cert would not sign, but my 3rd Party Mac cert did sign after running the xattr -cr code on it. Just sent an exported Terminal session to Apple. Glad I'm getting some help from them. Hope it sheds some light on what's going on with App Wrapper too. I much prefer using that than Terminal!
@Patrick Besong — Well I don't use the Terminal. I have just added a script to my Xojo projects so that they are automatically signed when building code.
I am not sure what a "third party" ID is. Is it about using a "non-Apple" email address? Because I use one too.
EDIT: but it works only if I put my email address in the command line after "-s"!
However, you can switch according to this article
Patrick, can you check in App Wrapper and make sure that “Use Apple’s temporary engine” is unselected.
Can I ask you to check the option "Use Apple's temporary engine", and make sure it's unselected. Its available by clicking on the action icon next to the identity selector.
This enables the deep option; which is something that Apple even advises against and recently it appears to be causing problems. I am working on a replacement and hope to have some thing you can use in a week or so.
@Patrick B i don't even know what an entitlements file is. :-)
In App Wrapper; these are the options you select on the capabilities pane. By using App Wrapper; you should get the correct entitlements for the correct executable.
Sam seems to have figured out the problem (via email). It was with my Developer ID Certification Authority. All I had to do was change the Trust setting from "Always Trust" to "Use System Defaults". Was able to run it thru App Wrapper, run the PKG installer and successfully launch the app after that. Great job Sam!