Notarisation lessons from today

Using AppWrapper; code-signing was very quick. Then I made the DMG (app plus some docs) with Disk Utility and offered the DMG up for notarisation.

  1. The first message was along the lines of “can’t establish an authentication session”. I had changed my AppleID password (this happens every time I use it as I can never remember the p/w) and to get past this I needed to go to appleid.apple.com and get a new appleid password. This involved the usual multistep rigmarole. Only then could I actually login there and get a new app-specific-password. Presumably changing the appleid-password invalidates the app-specific ones.

  2. The next message was that I needed to “sign the relevant contracts online”. So I went to developer.apple.com, but all I needed to do there was agree to new Ts&Cs they had introduced.

With this accomplished, notarisation proceeded and completed.

I’m reminded more and more of a long rant written in the early 90s by a guy who was a DOS/PC consultant but a Mac user at home. No prizes for guessing the sorts of things he was ranting about, but it feels a bit like Apple is putting itself in that situation now.

Thank goodness for AppWrapper, which not only does the work but had some hints about what to do.

I am designing a better error handler, now that we actually have some error information to work with (there’s nothing documented from Apple). It should make it easier to connect the dots when these things occur.

Me, too.
Please look in Applications/Utilities/Keychain Access for “appleid” to find your p/w.

@Tim Streater [quote] Then I made the DMG (app plus some docs) with Disk Utility and offered the DMG up for notarisation.[/quote]

I too build my dmg with Disk Utility (and notarize it with AppWrapper). My problem was that, in Disk Utility, after selecting Images > Convert, my dmg was pretty big.

For instance: with an app’s size around 13 MB, after zipping it I’d get a 5 MB file, but after converting it to dmg I’d get a 10 MB file.

Until, by testing, I found that before selecting Images > Convert, I had to select Images > Add Check Sum. In this way, whatever is the size of the image one creates, let’s say 35 MB, after selecting Images > Add Check Sum and Convert, the resulting dmg is slightly bigger that a zipped file.
Unless I did / do something wrong…

Good news :slight_smile:

So I guess we should continue to post what messages we got, under what circs, and what we did to fix it.

Another related question: it feels like the so-called “app-specific-password” is not really app-specific, it’s just a password you have to get from apple, presumably a different one for each app (?), which is needed to allow the authentication session to be established. I did eventually read an email which that changing the appleid invalidates any such pw obtained under the auspices of the old password. So it’s really a notarisation password. Is this so?

Perhaps it’s app-specific if one is going to be sending the app to the App Store (which I am not doing).

[quote=486229:@Detlef Kahner]Me, too.
Please look in Applications/Utilities/Keychain Access for “appleid” to find your p/w.[/quote]
Just looked there and it contains an old password. Not the new one I entered yesterday.

I probably have this wrong, but the way I see this working is:

You (the developer) have an AppleID and an associated password.
Some utilities need to interact with Apple functionality and would previously have needed both your ID and password to do that.

Creating an app-specific password means that you can allow them access to be your proxy (for a while), without divulging your real AppleID password to any third party. Apple knows the app specific passwords are OK for your account, for a while.