User Profile

Just an addition: As you can see, my page answers with 302 - a redirect to the OpenID login page. 99.99% of the webbrowsers follow the redirect. But here, WebKit re-triggers the call all the time. This happens up to 100 times, sometimes up to 6 times per second (depending on network connectivity). I'm pretty sure the redirect is fine (not pointing to myself).

Hi. Did you find the issue? I have the same problem with either the development or the distribution profile. Certificates are trusted "Use system default" and I tripple checked all profiles and app identifiers. No success...

Hi. Did you find the issue? I have the same problem with either the development or the distribution profile. Certificates are trusted "Use system default" and I tripple checked all profiles and app identifiers. No success...

Thank you eskimo,From your point of view this is reasonable, but we are a small team and have to be efficient. Automation is our goal, so we automatically build every hour (but only if code has changed) and upload the latest version to an internal web server. From there, the testers get the beta versions and should of course test notarized versions (own employees testing in daily use). So we immediately find out if something goes wrong. The external Beta testers having access to this folder, too. They test on demand. We do not have time to notarize manually if they want some new version. And if we release, we take the last build from this folder and upload it to some public location. Then we increase revision or minor version number for the next builds. Now, with notarization, this becomes more complicated. Even with nightly builds, the issue stays the same.So, if not done automatically on build, we will have to notarize manually many times. Which is, from my point of view, no good solution because notarization needs up to 6 minutes and we build 3 applications.Sadly, I do not really understand notarization in detail. The same for stapling it to the pkg file. I found no documentation explaining what "exactly" happens. For example, on what identifiers you store the notarization (hashcode of pkg file, BundleID, others?). And what means stapling this to the pkg file? Is it like signing? I would be happy if you can point me to some website where I can learn about this to better understand. Knowledge about this may answer my questions.Thanks,Kukulkan

Thanks for your answer. We do not distribute or upload these builds. This is building for QA. They get the .pkg packages by email or download for testing. And of course, I want them to test like real end users. But manually notarizing them is to time consuming and it is better to do this in the build script. And this runs very often.And at one point, we take such and upload it for the public. It has to stay notarized, even if we build new versions later (eg for patch releases).I think I can try this. We will see if something happens :-)Have a nice weekend.

Thanks. But is there any place where I can read this? Any official source for this? I really do not want them to close our account because of "missuse" or whatever this may trigger then...Also, what if I notarize my app in version 1.1.1, then later version 1.1.2 and finally version 1.1.3. If i now decide to release version 1.1.2; do I have to re-notarize version 1.1.2 or are all three versions valid then?