Notarizing question
Phil
Phil at pgpotter.co.uk
Thu Sep 3 07:22:22 EDT 2020
Hi Mike,
Yeah, I kind of assumed that Andy had done that xattr one already?
But you might be right.
I had written some xcomps, and found I had to code sign the files within
them for this process.
So yes, they can be a problem...
for me the -r option didn't always work, hence doing each file individually.
Indeed the Apple site says do them individually, and then finalise the
app with the -r option?
So that is what I ended up doing.
Like many of us now, my process just works, so time to just leave it
alone and just use it.
Phil.
On 03/09/2020 12:00, Mike Matthews - Omnis wrote:
> I found some components were the problem, so I found the recursive command :). Then I redo the lot again.
>
> To remove Xtended Finder Attributes for v8 & v10 Dev & Client versions: (quick)
>
> sudo xattr -rc /Users/mike/Desktop/notarisation/SourceFiles/LinealSQLWorksClient.app
>
>
> Mike
>
>
>> On 3 Sep 2020, at 11:49, Phil (OmnisList) via omnisdev-en <omnisdev-en at lists.omnis-dev.com> wrote:
>>
>> Hi Mike,
>>
>> unless I am mistaken, he is not talking about the rest of the App., just the actual executable within the App...
>>
>> Sounds like he already has a script for the rest of the app structure...
>>
>> I recall an issue with our executable, a renamed omnis, but cannot recall exactly what it was I did to correct it.
>>
>> Our solution may even of been, don't touch it, just codesign the stuff we have added or modified.
>>
>> When you say clear down, are you just meaning the --force on codesigning stuff again?
>> Or something else?
>>
>> Out of curiosity, how did you recursively go inside all folders?
>> I ended up created a library that generated a script file with a codesign line for each file in the App structure.
>> Noting that apple say that the -r option is what you do at the end to finalise it?
>>
>> I subsequently reduced the script to things that actually change so that the notarization process was a bit quicker.
>>
>> I recall getting caught out with the scripts we ran in the installer created with packages, failing to codesign them as well caused the package not to be notarised.
>>
>> regards
>> Phil Potter
>> Based in Chester in the UK.
>>
>> On 03/09/2020 10:04, Mike Matthews - Omnis wrote:
>>> I’ll send you my parts that fixes this problem.
>>>
>>> You have to clear down existing settings, recursively inside all folders, including xcomps.
>>>
>>> Mike
>>>
>>>
>>>
>>> On 3 Sep 2020, at 04:14, Andy Hilton <andyh at totallybrilliant.com<mailto:andyh at totallybrilliant.com>> wrote:
>>>
>>> All
>>>
>>> I make my app, and follow the scripts I have previously got (an edit of Bas’s scripts) - and all passes muster, it appears notarized and stapled….
>>>
>>> I make a dmg - and again following the scripts I notarize my dmg
>>>
>>> Except this time I get a failure and following the logs, it tells me that the signature on the ‘Omnis’ app itself (TheApp/Contents/MacOS/Omnis) is invalid
>>>
>>> Anyone know why that may be and what command I should add to the https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fprepare_build.sh&c=E,1,8lvYqp9L12JdP-VGZN3PJGIJrcHV_36g7SKOiOLzhqWi20ZaFK_N-laBsJQ1teicJpsHpEDuvYJ8KF2t8MeIXyJs5m-u_sF9uBFFRRfHraWizNiAtBf8MxtKfA,,&typo=1 script to correct it ?
>>>
>>> I am currently trying :
>>>
>>> codesign -f -o runtime --entitlements /Users/andy/Downloads/codesign/standard_entitlements.plist --timestamp --verbose -s "Developer ID Application: Andy Hilton (6UMDUSHJ58)" https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f%2f%2fmyAppName.app%2fContents%2fMacOS%2fOmnis&c=E,1,uXcHox7-gUuTj7Ndh2pp1XLHHVqH32-gv7dBFi4KWbHOYG1R38xQ-rA08lAq3HGms8wh9t6zi4ZHmeBq-JS_fUYb999bnD4ii3wokUf2vN8vPQXOVQ,,&typo=1
>>> codesign -f -o runtime --entitlements /Users/andy/Downloads/codesign/extended_entitlements.plist --timestamp --verbose -s "Developer ID Application: Andy Hilton (6UMDUSHJ58)" https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f%2f%2fmyAppName.app%2fContents%2fMacOS%2fOmnis&c=E,1,qVRLYdbvq7Mo0PhIfikpwqUgP9BJ9DOENexXhmvG-Bz6dlzW3TFK_iRHJ70GKEETjpwJ-31JOnt2Qot6Ay9oV18O3-ahLYCt-rtQpcFuMQc00v0FFRCk3VXz&typo=1
>>>
>>> _____________________________________________________________
>>> Manage your list subscriptions at https://linkprotect.cudasvc.com/url?a=http%3a%2f%2flists.omnis-dev.com&c=E,1,zJDh8OXQcxBJZGUVWeaycTWr5-JsGNpRRdrWafucEpDCaM7QeRWdwk8ytdFc-qWPVAstieTzMRiNGFnuVwGjXwIP1VC2YvalpU1DpoOg0do,&typo=1
>>> Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com
>> _____________________________________________________________
>> Manage your list subscriptions at https://linkprotect.cudasvc.com/url?a=http%3a%2f%2flists.omnis-dev.com&c=E,1,GLLiG3A4mmqRprDeJza2aPobDSHNxfBFBOrftnXHx8yP2gLXC4cBoSPMgGTykcTurR-XciBurMwMIBVmxVEV9VRyJjyny1UKlhLtQnBCB_zRIDRO&typo=1
>> Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com
> _____________________________________________________________
> Manage your list subscriptions at http://lists.omnis-dev.com
> Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com
--
P G Potter, 11 Regency Court, Mickle Trafford, Chester, UK.
This message is confidential and intended for the use only of the person
to whom it is addressed. If you are not the intended recipient you are
strictly prohibited from reading, disseminating, copying, printing,
re-transmitting or using this message or its contents in any way.
Opinions, conclusions and other information expressed in this message
are not given or authorised by the Company unless otherwise indicated by
an authorised representative independent of this message. The Company
does not accept liability for any data corruption, interception or
amendment to any e-mail or the consequences thereof. Emails addressed to
individuals may not necessarily be read by that person unless they are
in the office.
More information about the omnisdev-en
mailing list