Regarding Codesigning for Catalina

Getting Started
1

Good morning all!
I am quite new to all of this and actually I’m not the XOJO user, but I have been given the task of code signing and hopefully notarizing OSX apps for an XOJO user. I have followed the instructions as best I can from a document provided by XOJO using terminal. Terminal is returning a dquote error, which my research indicates an issue with an unclosed double quote. As far as I can see all quotes used in the suggested terminal commands are complete…

codesign -f -s “Developer ID Application: YourName (345XXYY)” “YourXojoApp.app/Contents/Frameworks/.dylib"
codesign -f -s “Developer ID Application: YourName (345XXYY)” "YourXojoApp.app/Contents/Frameworks/.framework”
codesign -f -s “Developer ID Application: YourName (345XXYY)” “YourXojoApp.app”

I’ve navigated to the correct directory and inserted all the correct replacement text again to the best of my figuring.
I am curious about the error and also the format of the the numbers and letters in brackets after the YourName area. The alphanumeric number provided in the Certificate does not follow this format. Is that OK?

Any additional information you may have on clear instructions for a noob to get this task completed would be most helpful.
Thanks for your time and consideration!!

Larry T

2

Buy a copy of AppWrapper https://www.ohanaware.com/appwrapper/

It is by far the best way to go.

3

Tried that. Errors there as well. I was instructed that AppWrapper signs the installer, but the app needs to be signed first?
Sorry, as I said, new at this…

4

I use AppWrapper. The Terminal commands and their associated error messages were not something I wanted to get into.

  1. Need an Apple Developer Account and some certificates. Why more than one cert is needed is another mystery.

  2. I code sign the app first, taking the opportunity to have AppWrapper strip out the 32-bit libraries, thereby reducing the app size quite a bit.

  3. Next I put the app in a folder (along with User Guides etc) and get Disk Utility to make a .dmg out of this folder.

  4. I use AppWrapper’s Notarise menu option to do the submission to Apple.

  5. I put the notarised .dmg on my web site and end-users then download it. Not had any complaints so far.

There is some stuff about needing an app-specific password that you get via your Developer account, but I can’t remember what that is all about.

5

The code should do it provided you add your dev id. Mind the double quote followed by the single quote. You also need an entitlement file:

[code]dim appPath as string = currentBuildLocation + “/” + shellEncode(currentBuildAppName)
if right(appPath, 4) <> “.app” then appPath = appPath + “.app”
Dim isDebugBuild as boolean = right( currentBuildAppName, 6 ) = “.debug”

dim result, errors as string
result = doShellCommand("/usr/bin/touch -acm " + appPath)
result = doShellCommand(“xattr -rc " + appPath)
If result <> “” then print result
dim DevID as String = “‘xxx’”
result = DoShellCommand(”/usr/bin/codesign --timestamp -f -s " + DevID + " " + appPath + “/Contents/MacOS/")
result = DoShellCommand("/usr/bin/codesign --timestamp -f -s " + DevID + " " + appPath + "/Contents/Frameworks/”)

result = DoShellCommand("/usr/bin/codesign --timestamp -f -s " + DevID + " " + appPath + “/Contents/vcomponents_x64/")
result = DoShellCommand("/usr/bin/codesign --timestamp -f -s " + DevID + " " + appPath + "/Contents/Resources/”)
result = DoShellCommand("/usr/bin/codesign --timestamp -f -s " + DevID + " " + appPath)
result = DoShellCommand("/usr/bin/codesign --timestamp -f --options runtime --entitlements /Users/beatrixwillius\ 1/Documents/Development/Mail\ Archiver/Classes/Build\ Automation/entitlements.plist --deep -s " + DevID + " " + appPath)

// Helper functions used within this script, contents may vary from packaging
Function shellEncode( inValue as string ) as string
Dim rvalue as string = replaceAll( inValue, " ", "\ " )
rvalue = replaceAll( rvalue, “&”, “\&” )
rvalue = replaceAll( rvalue, “-”, “\-” )
rvalue = replaceAll( rvalue, “(”, “\(” )
rvalue = replaceAll( rvalue, “)”, “\)” )
return rvalue
End Function[/code]

In a shell script you usually use single quotes and not double ones. The codesign doesn’t do any quotes. The code is for an IDE script that is done after building.