Comments (10)
a7ul
commented on August 16, 2024
Hey @cvl
I havent done this before
But the process should be same as that of Qt
Here is a guide that does this: https://skyronic.com/2019/07/app-notarization-for-qt-applications/
from packer.
cvl
commented on August 16, 2024
Trying to correctly sign & notarize Mysterium desktop app for MacOS:
https://github.com/mysteriumnetwork/mysterium-vpn-desktop
using the following script
https://github.com/mysteriumnetwork/mysterium-vpn-desktop/blob/master/deploy/pack-macos.sh
After signing, as per tutorial, I use ditto -ck --rsrc --sequesterRsrc "deploy/darwin/build/MysteriumVPN.app" "deploy/darwin/build/MysteriumVPN.zip"
to create zip (for uploading to apple).
Then xcrun altool --notarize-app -t osx -f "deploy/darwin/build/MysteriumVPN.zip" --primary-bundle-id="network.mysterium.desktopvpn" -u "username" -p "passwd"
I get the following error from Apple though:
{
"logFormatVersion": 1,
"jobId": "123",
"status": "Invalid",
"statusSummary": "Archive contains critical validation errors",
"statusCode": 4000,
"archiveFilename": "MysteriumVPN.zip",
"uploadDate": "2020-04-08T14:17:55Z",
"sha256": "123",
"ticketContents": null,
"issues": [
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/MacOs/qode",
"message": "The executable does not have the hardened runtime enabled.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Resources/dist/nodegui_core-d3eecda678d6cb88e4609fa1fd6c1d61.node",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Resources/dist/nodegui_core-d3eecda678d6cb88e4609fa1fd6c1d61.node",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Resources/dist/static/myst",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Resources/dist/static/myst",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Resources/dist/static/myst",
"message": "The executable does not have the hardened runtime enabled.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Resources/dist/static/openvpn",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Resources/dist/static/openvpn",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Resources/dist/static/openvpn",
"message": "The executable does not have the hardened runtime enabled.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Resources/dist/static/myst_supervisor",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Resources/dist/static/myst_supervisor",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Resources/dist/static/myst_supervisor",
"message": "The executable does not have the hardened runtime enabled.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Frameworks/QtPrintSupport.framework/Versions/5/QtPrintSupport",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Frameworks/QtPrintSupport.framework/Versions/5/QtPrintSupport",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Frameworks/QtGui.framework/Versions/5/QtGui",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Frameworks/QtGui.framework/Versions/5/QtGui",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Frameworks/QtDBus.framework/Versions/5/QtDBus",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Frameworks/QtDBus.framework/Versions/5/QtDBus",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Frameworks/QtCore.framework/Versions/5/QtCore",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Frameworks/QtCore.framework/Versions/5/QtCore",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Frameworks/QtWidgets.framework/Versions/5/QtWidgets",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/Frameworks/QtWidgets.framework/Versions/5/QtWidgets",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
}
]
}
Any suggestions?
from packer.
cvl
commented on August 16, 2024
After further trial&error I've one outstanding error from apple notarizer:
"issues": [
{
"severity": "error",
"code": null,
"path": "MysteriumVPN.zip/Contents/MacOs/qode",
"message": "The signature of the binary is invalid.",
"docUrl": null,
"architecture": "x86_64"
}
]
Any ideas why qode signature could be invalid?
from packer.
cvl
commented on August 16, 2024
Seems I've managed to pull it off, sorry for bothering.
from packer.
cvl
commented on August 16, 2024
Gatekeeper still blocks though..
from packer.
a7ul
commented on August 16, 2024
But what does it say ? Does the gatekeeper say its from an unidentified developer or something else ?
from packer.
cvl
commented on August 16, 2024
just this:
com.apple.xpc.launchd[1] (com.apple.xpc.launchd.oneshot.0x1000000e.qode[4870]): removing service since it exited with consistent failure - OS_REASON_EXEC | Gatekeeper policy blocked execution
from packer.
cvl
commented on August 16, 2024
Currently using the following code to pack: https://gist.github.com/cvl/13aba5df52caaf68cdd68952c9c064ca
And to notarize: https://gist.github.com/cvl/8de372938485855c6951a518f8f2e723
from packer.
zolia
commented on August 16, 2024
@cvl can it be related with app crashing and gatekeeper message is just a side effect message? As posted here: https://forums.developer.apple.com/thread/126896
from packer.
cvl
commented on August 16, 2024
App is not crashing when unsigned.
from packer.
Related Issues (20)
- Build error HOT 2
- Can`t use "Open with"
- Popup pront HOT 2
- MacOSX codesign HOT 3
- Production qode.exe only running from some locations
- Debugging after build of working code? HOT 2
- Can't build on Linux HOT 1
- standalone executable on windows? HOT 5
- How to use this tool? HOT 4
- AppImage run node REPL HOT 2
- Package for 32bit architecture HOT 1
- Question: QT licensing question
- Can't integrate dependencies with WASM modules
- process crashes when I do literally anything
- Quesiton: How to publish app on the Apple Appstore
- Packed app on macos does not have signature. HOT 3
- How do i build for other OS?
- Is this tool abandoned?
- The plugins path in qt.conf (linux mint) points to a non-existent folder (Bug) HOT 2
- qt.conf in Ubuntu is being ignored
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from packer.