Problems with codesigning app for app store

I’ve been trying to submit an app to the Mac app store. I actually have one in there I submitted a couple years ago, but since I got a new computer I’m unable to codesign. No backup of other certs so I downloaded new ones. When I try to codesign the app…

codesign -f -s "3rd Party Mac Developer Application:<my name>" MyApp.app

it tells me “No identity found.”
I seem to have all the certs I need, but when I tried adding a new provisioning profile, when I double-click the download I get “The contents of this item cannot be retrieved.” and it fails to import it into Keychain Access.
I tried posting on the Apple Developer site but I have gotten no help at all there. Was wondering if someone here has run into this or knows what I should do? I went thru XCode to download new certs and all are valid and up to date.

This is pretty basic, but just in case… does exactly match what is on your certificate? I got stuck on that once.

In Keychain Access, select My Certificates in the bottom left and login in the top left, then select the certificate you’re trying to use and click the arrow to expand it. If a Private Key doesn’t appear there, or there is something wrong with it, then you’ll have a problem. It might be best to start from complete scratch and make new keys/certificates/etc through Apple’s web portal, as I’ve had to do that a couple of times.

I would suggest downloading Xcode, going into the preferences and logging in with your registered developer username and password, Xcode will then download the correct certificates for you.

Oh okay… Didn’t read the whole thing before answering… Try using single quotes instead of double quotes and code signing identities are case specific, so double check that too.

I wil use this thread for a long nightmare with signing a app for app store. Now, I arrive a point for ask here and after this directly Apple. Under OS X Lion I have problems, too and I switch to Mavericks on a other system. I read many horror Story’s abut signing and finally here is my last try:

codesign --verbose --force --sign "MyID" RAMSyncDrive.app/Contents/Frameworks/*.* RAMSyncDrive.app/Contents/Frameworks/RBShell.xojo_plugin_0.dylib: replacing existing signature RAMSyncDrive.app/Contents/Frameworks/RBShell.xojo_plugin_0.dylib: signed Mach-O thin (i386) [RBShell.xojo_plugin_0] RAMSyncDrive.app/Contents/Frameworks/XojoFramework.framework: replacing existing signature RAMSyncDrive.app/Contents/Frameworks/XojoFramework.framework: code object is not signed at all In subcomponent: /Volumes/TOSHIBA/RAMSyncDrive.app/Contents/Frameworks/XojoFramework.framework/Versions/Current/._XojoFramework

And with deep for complete app:

/usr/bin/codesign -f --deep -s 'MyID' RAMSyncDrive.app --entitlement /Users/walterzeidler/Library/Containers/com.ohanaware.appWrapperMini/Data/Library/Application\\ Support/com.ohanaware.appWrapperMini/557C49301E05E41667/sandbox.entitlements RAMSyncDrive.app: Operation not permitted In subcomponent: /Volumes/TOSHIBA/RAMSyncDrive.app/Contents/Frameworks/XojoFramework.framework

I use Xojo 2014 R1 and AppWrapper mini. I like this tool :slight_smile: but I did not found option sign Plugins, too. Version 1.21 (149). I do that manually. I installed the latest Version from Xcode and Command Line Tools for Mavericks.

What can I do now? After x hours of try’s I am at the end of my ideas. Why this will work on RBShell.xojo_plugin_0 and not on XojoFramework.framework?

I do not understand why you codesign manually. App Wrapper Mini does that perfectly for you. Just make sure you use version 1.2.1 because previous versions do not work for 2014R1

I use App warpper mini 1.2.1 (149). When I activate signing I become a message “There are unsigned plugins in this app. Enable ‘Code sign included plugins’ & ‘Replace existing code signatures’ from the options button next to ‘Code Sign Application’, in App Wrapper Mini.”

This message comes then DoShellCommand becomes a “code object is not signed at all” in the wrapper script. I think this is the same problem. My problem is, where is “from the options button next to ‘Code Sign Application’”? I am to stupidly to find this button? I found a button but her is only a TimeStamp setting. Not “Enable 'Code sign included plugins”. Where is that? And solve this my problem?

All plugin options in the latest version are fixed on with 1.2.1 as MAS requires it and it doesn’t hurt GateKeeper either.
The Operation not permitted error is a new one for me? I don’t know what’s causing it.

The option is not available in App Wrapper mini UI? Ok, can you change the message in generated code and Doku? One proposal.

Micheal I don’t know why this not work. I used App Wrapper mini and the settings in Wrapper like this ones on your screen.

This code generated on my System for Signing from App Wrapper mini:

[code]////////////////////////////////////////////////////////////////////////////////////////////////
// Begin Codesigning the application
////////////////////////////////////////////////////////////////////////////////////////////////

Try
  call DoShellCommand( "/usr/bin/codesign -f -s '"+ appCodeSignature +"' " + appPath + "/Contents/Frameworks/*.dylib" )
  
  call DoShellCommand( "/usr/bin/codesign -f -s '"+ appCodeSignature +"' " + appPath + "/Contents/Frameworks/XojoFramework.framework/Versions/A/XojoFramework" )
  call DoShellCommand( "/usr/bin/codesign -f -s '"+ appCodeSignature +"' " + appPath + "/Contents/Frameworks/XojoFramework.framework" )
  
  dim result as string = DoShellCommand( "/usr/bin/codesign -f -s '"+ appCodeSignature +"' " + appPath)
  if instr( result, "code object is not signed at all" ) > 0 then
    result = "There are unsigned plugins in this app. Enable 'Code sign included plugins' & 'Replace existing code signatures' from the options button next to 'Code Sign Application', in App Wrapper Mini."
  end if
  if result <> "" then msgBox( "A Codesigning error occured", result )
End Try

[/code]

Looks fine? Now I will start my Test’s. I have two systems. One with Lion and the other one with Mavericks. I document my steps and post that here and hope that anyone see the problem. Or I found that. I have no chance. Actally is this a long nightmare.

I am not going to second guess code generated by App Wrapper Mini. What counts is that it works.

I have simply built and uploaded what was built for me.

So, when you build, you get the pkg. Have you simply tried to upload that ? If so, what was the error on Apple side ?

Good news. :slight_smile: But first your Question. I become a Error Report from Apple “Invalid Signature - the nested app bundle XojoFramework at path RAMSyncDrive.app/Contents/Frameworks/XojoFramework.framework is signed but the signature is invalid. The following error(s) were reported from code sign:”

Anyway. My first test under Lion works now with App Wrapper mini! What is my change? I install the latest Command line tools from apple yesterday and I restart my system today, thats it. Now I can test the same on Mavericks. But first, I will test my package and I will upload this to Apple. I hope, now this will works fine, too :-).

And, I test that manually in Terminal under Lion, too. Now this will work :slight_smile:

My Test with test user will not work and say “damaged”! But, I send that to Apple. Status:“Waiting For Review”. Now my test on Mavericks with App Wrapper mini.

The same thing. Installed Command Line Tools for Mavericks and reboot system, today. That was my problem with signing.

Thank you for help :slight_smile:

[quote=72566:@Walter Zeidler] dim result as string = DoShellCommand( “/usr/bin/codesign -f -s '”+ appCodeSignature +"’ " + appPath)
if instr( result, “code object is not signed at all” ) > 0 then
result = “There are unsigned plugins in this app. Enable ‘Code sign included plugins’ & ‘Replace existing code signatures’ from the options button next to ‘Code Sign Application’, in App Wrapper Mini.”
end if
if result <> “” then msgBox( “A Codesigning error occured”, result )
End Try[/quote]
My bad… I forced the options on, but forgot to clean the error message.

No problem. In your docu take a look, too. Please. I am drive crazy to found this option in UI ;-).

Was your app accepted even though your test user said app damaged/