codesign

I have a Safari Extension deployed to test flight built and deployed using CLI tools in Azure Devops. It appears to be building, signing, and deploying properly. But when users try to install on TestFlight, they see an error saying something about an invalid provisioning profile. This seems to just be on the installer portion of the app. The extension shows up in safari settings and is otherwise useable. The users just aren't seeing the splash screen that instructs them to go to Safari Settings. I'm not really sure what's wrong here. This is what my build pipeline looks like - task: Bash@3 displayName: Build export.plist file inputs: targetType: 'inline' script: /usr/libexec/PlistBuddy -c Add :method string mac-application $(Pipeline.Workspace)/export.plist && /usr/libexec/PlistBuddy -c Add :provisioningProfiles dict $(Pipeline.Workspace)/export.plist && /usr/libexec/PlistBuddy -c Add :provisioningProfiles:$(APP_IDENTIFIER) string $(InstallDistProvisioningProfile.provisioningProfileUuid) $(Pip

Hi, can't activate system-extension. in any case getting Domain=OSSystemExtensionErrorDomain Code=8 Invalid code signature or missing entitlements (sometimes get code = 9) P.S. In debug running all is working. (The system is asking to activate sysex) Has to read huge amount of forum, samples, and docs. But no luck What and how i've tried steps which i've doing #- signing sysextension binaries with Developer ID Application #- signing system extension with Developer ID Application #- signing application with Developer ID Application #- checking all signatures with Developer ID Application #- building pkg installer #- signing installer with Developer ID Installer #- checking signing #- sending installer for notarization #- waiting for installer verification #- after success I call stapler staple #- When calling sysex activation I get (But the problem is persist when i've try to move signed app to application folder, or try to notarize zip) or in any case which possibly mention on forum, i've get sign command sam

PLATFORM AND VERSION macOS Development environment: Other: Python Run-time configuration: macOS 14.6.1 DESCRIPTION OF PROBLEM We have created application using python and created .app using pyInstaller. We want to get the location access using python based application which we are trying to run on MacOS 14.6.1. Without including NSLocationUsageDescription in our info.plist, it is working fine but not getting location permission pop up. After including NSLocationUsageDescription in info.plist application got corrupted. STEPS TO REPRODUCE We are using below commands to sign the application codesign --force -s Developer ID Application: Pitney Bowes (72NX38Y9GF) -v DeviceHub.app --deep --strict --options=runtime --entitlements ../info.plist DeviceHub.app ditto -c -k --keepParent --rsrc --sequesterRsrc --arch 'x86_64' DeviceHub.app DeviceHub.zip xcrun notarytool submit DeviceHub.zip --keychain-profile DHAgentProfile --wait xcrun stapler staple DeviceHub.app

I am trying to understand the mechanics of how iOS/iPadOS apps work on macs with Apple Silicon. In particular, I'd like to understand the runtime environment of these apps. I installed one to test it on a mac. I ran codesign --entitlements on a mac, on an iOS app downloaded form the mac app store. I was very surprised to see the sandbox entitement was NOT present. On iOS all apps are sandboxed, so I was very surprised to see that the macOS translation was not sandbox. This seems like a significant weakening of the security. Can anyone shed some light on that?

I first built WordPuzzleAids over 2 years ago. I built it on my MacBook Pro, using Xcode and Swift. The destination for the build was my iPhone. Two weeks ago, the app stopped working on the iPhone: I thought I might need to rebuild it on the on the MacBook and re-deliver it to the iPhone. The build failed with: CodeSign /Users/paddy/Library/Developer/Xcode/DerivedData/WordPuzzleAids-dnwilitxxdvpzablseyseujsllag/Build/Products/Debug-iphoneos/WordPuzzleAids.app (in target 'WordPuzzleAids' from project 'WordPuzzleAids') cd /Users/paddy/Projects/ThirdParty/WordPuzzleAids Signing Identity: Apple Development: John Patterson (G9M8AH9CTD) Provisioning Profile: iOS Team Provisioning Profile: * (650d11d4-ecd2-4458-a146-3cb55438e9dc) /usr/bin/codesign --force --sign 1FC4588FA2EAD7DCF9AAC9CDC823B567D76BCBE8 --entitlements /Users/paddy/Library/Developer/Xcode/DerivedData/WordPuzzleAids-dnwilitxxdvpzablseyseujsllag/Build/Intermediates.noindex/WordPuzzleAids.build/Debug-iphoneos/WordPuzzleAids.build/WordP

I have an Electron app built for macOS, and it was distributed via 'Developer ID' for years, it worked well and I was able to access the photos in the system Photos library. Surely I already have the 'NSPhotoLibraryUsageDescription' key in Info.plist. Recently we are trying to publish this app to Mac App Store, so I have to turn on the sandbox, after that the app starts giving XPC errors while accessing the Photos library. The errors look like: PHAuthorizationStatus: Authorized CoreData: XPC: sendMessage: failed #0 CoreData: XPC: Unable to sendMessage: to server ... CoreData: XPC: sendMessage: failed #7 CoreData: XPC: Unable to connect to server with options { NSPersistentHistoryTrackingKey = 1; NSXPCStoreServerEndpointFactory = ; skipModelCheck = 1; } CoreData: XPC: Unable to load metadata: Error Domain=NSCocoaErrorDomain Code=134060 A Core Data error occurred. UserInfo={Problem=Unable to send to server; failed after 8 attempts.} CoreData: fault: Unable to create token NSXPCConnection. NSXPCStoreServerEndpoi

Hi all — Hoping you all have insights on notarization. We are a small startup using Apple Business Essentials as our company MDM, managing our fleet of Macs. ABE has the capability (as with every MDM) to deploy custom software to those Macs via .pkg files. We create the package files with no problem, and also codesign them with no problem. We discovered that the Macs will fail to install the packages if the package is not notarized (which makes sense from the perspective of Gatekeeper). Notarizing the package was easy. Submitting them is easy. But the processing time has been crazy! I've read from posts here that the first submissions can take a long time, and indeed ours did — iirc, about 48 hours. But the pattern has continued. Our most recent submission (submission id 2a714bbf-83e7-4a25-b936-e002c94e1704 if someone from Apple is reading) has now taken almost 4 days and is still In Progress. I have no idea how to resolve this, or even to understand what's holding up the submission. Anyone have any