Mac Desktop Code Signing Ad Hoc

Yes, I see it. Lots of variables and other work precedes it. I’ll have to sort it out. I haven’t seen so much shell scripting in over 10 years when I was working in Linux.

[quote=359811:@Jared Feder]Does the build script work if you unlock your login keychain before building your application?
Open Keychain Access and click the lock in the upper left, then enter your password.[/quote]
No, that did not work.

But you don’t have other problems with the keychain app?

I use a tablet from Wacom instead of a mouse. The developers there seriously don’t get the Mac. I have to unlock the keychain often and this can’t be saved. Very annoying.

How do you verify that the app hasn’t been signed? A simple signing of the finished app doesn’t work, by the way. You have to treat the app like an onion and sign framework and plugins first. Then the app is signed. If you have helpers they need to be signed first.

I don’t have any other problems with the keychain app. Works good.

After I do a build I run this in Terminal after first doing a cd to get to the build:

spctl -a -v -v Your_App_Name.app

This will report that the app has been rejected.

These are simple apps. I understand that what I’m doing here quite likely doesn’t work with more complex apps. I just want to understand what the hell is going on from a fundamental point of view.

I have two apps I built for this testing. Just a startup window with a button and msgbox. One gets signed, the other not. Then I zip them and send them to another email address of mine by WeTransfer. I go to another machine and download them. Then I try to run them. Each works as expected. This works for me.

I suspect that this may not work for the App Store.

Just to wrap this up from my point of view, here is what works for me. I am code signing a desktop app that will be shared with just a few users. This is not going through the App Store. This is all done in Terminal. This assumes you have your certificate from Apple in your Keychain Access app.

  1. cd to the build directory, makes it easier.
  2. xattr -rc Your_App_Name.app
    (removes extended attributes)
  3. codesign -s "Developer ID Application: Your Name (6A9#######)" Your_App_Name.app
    (sign your app)
  4. spctl -a -v -v Your_App_Name.app
    (to test for proper code signing)
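
The inside-out ("onion") order mentioned earlier in the thread, combined with the four Terminal steps above, as an added example that is not code from any poster in the thread. The function names, the `DRY_RUN` switch, the list of extensions searched, and the use of `--force` and `codesign --verify --deep --strict` are assumptions of this example; the identity string is a placeholder.

```bash
#!/bin/bash
# Added example: sign a Developer ID build from the inside out, then verify.

# Run a command, or only print it when DRY_RUN is set (hypothetical switch).
run() {
    if [ -n "$DRY_RUN" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# List nested code deepest-first, then the app itself. The extension list is
# an assumption about where nested code lives in the bundle.
signing_order() {
    app="$1"
    # -depth prints a directory's contents before the directory, so a helper
    # inside a framework is listed (and signed) before that framework.
    find "$app/Contents" -depth \( -name '*.framework' -o -name '*.dylib' \
        -o -name '*.bundle' -o -name '*.app' \) -print 2>/dev/null
    printf '%s\n' "$app"
}

# Steps 2-4 from the post, with step 3 repeated for each nested item.
sign_app() {
    app="$1"
    identity="$2"
    run xattr -rc "$app" || return 1
    signing_order "$app" | while IFS= read -r item; do
        # --force replaces a signature that is already present
        run codesign --force -s "$identity" "$item" || exit 1
    done || return 1
    # Check the signature itself first, then ask Gatekeeper as in step 4
    run codesign --verify --deep --strict "$app" || return 1
    run spctl -a -v -v "$app"
}

# Usage: ./sign.sh Your_App_Name.app "Developer ID Application: Your Name (TEAMID)"
if [ "$#" -eq 2 ]; then
    sign_app "$1" "$2"
fi
```

Setting `DRY_RUN=1` prints the commands in the order they would run, which is a quick way to confirm that every framework, plugin and helper comes before the outer app.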