I’ve created an app which works perfectly. However, notarization failed because the app has does not have hardend runtime enabled. When enabling hardend runtime during the signing process, the app gets damaged and will no longer open/run.
The same thing happens when I create a new empty project, build it, remove the extended attributes and then sign it using the enabled hardend runtime attributes. So the problem exists in an empty project…
Hm, that’s no good. If it were a problem with Xojo, we’d be hearing from quite a number of people. I deliver my app signed and notarized with a hardened runtime. It’s built with Xojo and signed with App Wrapper.
What is your build, sign, and notarize process? Perhaps there’s a hiccup there to find.
Correct. You’re enabling it with the appropriate parameters when CodeSigning your application: codesign --options runtime ...other parameters as usual...
I don’t see that
If you want to look at an example showing how you can do it on your own: Xojo2DMG
Highly recommended, too… Here’s the link to AppWrapper.
Right… without knowing what you are doing exactly it’s just shots in the dark.
The --deep has been necessary for you most likely because of this requirement: Has components not signed with your Developer ID
Great. Don’t forget to test your app’s behavior now that you have (to have) the Hardened Runtime enabled…
I can only repeat: I encourage everyone to CodeSign (with Hardened Runtime) each and every DebugRun on macOS, allowing you to develop and debug as close to a Release Build as possible.
@Jürg Otter It would be nice if we could do this from within Xojo, as part of the build process. That would be awesome … Some automated feature running the command lines in the background …