I have a desktop app I have developed for a client who’s employees are all using either OS 10.8 or 10.9. My app is codesigned with our apple developer certificate, including two helper apps inside the bundle.
When the client downloads the app to run on either version, the app causes no problems with Gatekeeper. It recognizes the code signing.
When the app is downloaded to Mountain Lion (10.8) and put on a USB flash drive, and run on a second computer running 10.9, Gatekeeper says it is from an unidentified developer. But running code sign -dvvv gets the following:
It would seem to me that simply putting the app on a USB flash drive shouldn’t mess with the code signature. Does anyone have any insights into this? I would be forever in your debt!
Oh yes, we ran into CodeSigning-issues with that, too.
The reason are Ressource-Files (that get added by OS X on FAT-Volumes) such as “._image.png” - but since those files didn’t exist when code-signed… well, the CodeSigning-signature is still there, but the contents of the app is “modified” when being copied to a FAT-volume.
Here’s what we have filed as a “bugreport 14361139” to Apple back in July '12 - the case is still “open”…
Environment
USB-Stick: Formatted with MS-DOS Filesystem (FAT)
OS X 10.8.4: System Preferences → Privacy: Allow software from App Store and certified Developers