[quote=440699:@Christoph De Vocht]I tried everything but the notarised .dmg files keeps popping up the ‘unidentified developer’.
It seems I have to switch to .pkg (which does work when it is notarised).
Anyone else tried this?[/quote]
Same issue here.
[quote=440703:@Christoph De Vocht]Christian Schmitz: Are you sure the beta 1 is not broken in this regard?
That may be the case. Although I did download .dmg files that do not show this popup. It’s an odd issue for sure.[/quote]
I wouldn’t worry about it right now. Let’s wait for (public) Beta 1/2/3.
As a cross-check, I have just codesigned (not Notarized and stapled to the dmg). And surprise - you don’t get the “unidentified developer”, and (the not notarized app) runs just fine. So my guess is that they are still working on this “feature / restrictions-to-come”.
[quote=440612:@Christoph De Vocht]Tested on a ‘future’ macOS version.
When creating, codesigning and notarising a .dmg file always results in prompting ‘Unidentified Developer’ and you cannot open the .dmg (after you downloaded the .dmg file).[/quote]
I see the same thing. My older notarized signed DMGs work fine, but a newly-created notarized signed DMG refuses to mount on the beta. The newer DMGs mount if I delete the com.apple.quarantine attribute.
I suggest reporting it via Apple’s Feedback Assistant.
Nice, just got my first mail from a customer who says my software cannot be launched because … ‘I am an unidentified developer’. Good job Apple, you are taking down my reputation as a developer. And I even payed you for this.
I already have made a standard reply to answer those questions (that it is probably a beta issue). Nevertheless, this isn’t very encouraging.
Christophe; contact Apple Developer Support. Explain to them that you need to know what’s changed because your Notarized application works fine on 10.4.5 but won’t open on Catalina. Try to keep emotion out of your letter. Don’t forget to tell them that your bug report was closed almost instantly with “By Design”, don’t forget to tell them that now they’ve released the public beta, you’re getting e-mails from customers about this and you don’t know what to do.
Hu? That’s odd. DropDMG isn’t my product. For my own app I’m still wrestling with Catalina itself. There is now a version of Valentina that should work for hardening. As soon as this wonderful heatwave is a bit better and my brain is back to working I’m going to test notarization.
Btw the DropDMG itself doesn’t show the issue (it’s probably notarised before 1 june 2019). Only dmg files codesigned and notarized after this date trigger the issue.
[quote=442916:@Christoph De Vocht]
Did you create, codesigned and notarized the dmg running macOS 10.15 ?[/quote]
Interesting. This is something we are not doing. Our signing, hardening and notarization is being done on 10.13.6 using Xcode 10.1.
The question remains why is DropDMG notarized and their .dmg is Codesigned and they don’t have this issue?
Maybe here comes the “date” in play. Or the macOS version used to sign (10.13.6 | 10.14. | 10.15)?
Blech. I checked again. The DropDMG version I checked this morning is the current release from last year. However, I had a problem with DropDMG crashing on Catalina and got a link to a new beta version from this June. This version also shows the “unidentified developer” warning.
Doesn’t work either. Still getting the ‘Unidentified developer’.
Note: With every try, I do receive a mail from Apple that my app is ready for deployment. So although Apple confirms everything wend ok, it does trigger the issue every single time.
Btw I did not tried the entitlement found in that article but I don’t think this is needed for the Xojo framework.
Hmm I got ours to open without that once
Maybe I have skipped Step 5, too:
CodeSign .app
Package .app in a .dmg
CodeSign .dmg
Send .dmg to Notarize
Staple Ticket to .dmg
As of now, it seems unsigned .dmg’s will still open. Then Gatekeeper kicks in to check it’s content. And as long as the .app inside it is notarized, it’ll “phone home” and check that. So not codesigning the .dmg and not stapling the Notarization-Ticket might work for now.
Having said that: I’ll leave it “as it is” (even with that “Unidentified Developer” message). It’s most likely a Bug in the macOS PreRelease. Only if it’s still an issue in July/August, I might reconsider changing our build process.
Until then: Just right-click and open those .dmg’s. Or use Terminal to: xattr -rc <path-to-downloaded-dmg>.
And let complaining users know with a default-reply: Things like these (and much other, worse ones) are to be expected when using PreReleases. It’s not your business (right now).
I am curious if that’s an application that was code-signed prior to June 1st, 2019. Apple has said that in order not to break too many apps on Catalina, Gatekeeper does not require notarization if the code-sign date is before June 1st. In other words, stuff that was built before then should install fine on Catalina.
I have other install problems on Catalina, but that’s a separate issue.
[quote=442957:@Philippe Casgrain]I am curious if that’s an application that was code-signed prior to June 1st, 2019. Apple has said that in order not to break too many apps on Catalina, Gatekeeper does not require notarization if the code-sign date is before June 1st. In other words, stuff that was built before then should install fine on Catalina.
I have other install problems on Catalina, but that’s a separate issue.[/quote]
That’s correct. Released prior June 1st no message is shown.
