IMPORTANT altool is deprecated for the purposes of notarisation and will stop working on 1 Nov 2023 [1]. If you’re currently notarising with altool, switch to notarytool now. For specific advice on how to do this, see TN3147 Migrating to the latest notarization tool.
General:
DevForums tag: Notarization
WWDC 2018 Session 702 Your Apps and the Future of macOS Security
WWDC 2019 Session 703 All About Notarization
WWDC 2021 Session 10261 Faster and simpler notarization for Mac apps
WWDC 2022 Session 10109 What’s new in notarization for Mac apps — Amongst other things, this introduced the Notary REST API
Notarizing macOS Software Before Distribution documentation
Customizing the Notarization Workflow documentation
Resolving Common Notarization Issues documentation
Notary REST API documentation
TN3147 Migrating to the latest notarization tool technote
Fetching the Notary Log DevForums post
Q&A with the Mac notary service team Developer > News post
Notarisation and the macOS 10.9 SDK DevForums post
Testing a Notarised Product DevForums post
Notarisation Fundamentals DevForums post
The Pros and Cons of Stapling DevForums post
Many notarisation issues are actually code signing or trusted execution issue. For more on those topics, see Code Signing Resources and Trusted Execution Resources.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] See Apple notary service update.
Notarization
RSS for tagNotarization is the process of scanning Developer ID-signed software for malicious components before distribution outside of the Mac App Store.
Posts under Notarization tag
116 Posts
Sort by:
Post
Replies
Boosts
Views
Activity
Hi, I had an issue when I notarized myapplication.dmg with Process 'xcrun notarytool submit' exited with value '132'.
Do you know how to solve it?
Do you have any explanation about the response value when we execute 'xcrun notarytool submit'?
Thank you very much!
2025-02-25 09:36:18,182 ERROR [org.ecl.cbi.ws.mac.not.xcr.not.NotarytoolNotarizer] (macos-notarization-service-pool-thread-14) Error while parsing the output after the upload of '/tmp/macos-notarization-service/pending-files/myapplication.dmg' to the Apple notarization service: org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1; Premature end of file.
at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:204)
at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:178)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:400)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:327)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1465)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$PrologDriver.next(XMLDocumentScannerImpl.java:1013)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:605)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:542)
at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:889)
at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:825)
at java.xml/com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
at java.xml/com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1224)
at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:637)
at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl.parse(SAXParserImpl.java:326)
at java.xml/javax.xml.parsers.SAXParser.parse(SAXParser.java:197)
at org.eclipse.cbi.ws.macos.notarization.xcrun.common.PListDict.fromXML(PListDict.java:134)
at org.eclipse.cbi.ws.macos.notarization.xcrun.notarytool.NotarytoolNotarizer.analyzeSubmissionResult(NotarytoolNotarizer.java:39)
at org.eclipse.cbi.ws.macos.notarization.xcrun.common.NotarizationTool.upload(NotarizationTool.java:50)
at org.eclipse.cbi.ws.macos.notarization.xcrun.common.Notarizer.lambda$uploadFailsafe$3(Notarizer.java:65)
at net.jodah.failsafe.Functions.lambda$get$0(Functions.java:48)
at net.jodah.failsafe.RetryPolicyExecutor.lambda$supply$0(RetryPolicyExecutor.java:66)
at net.jodah.failsafe.Execution.executeSync(Execution.java:128)
at net.jodah.failsafe.FailsafeExecutor.call(FailsafeExecutor.java:379)
at net.jodah.failsafe.FailsafeExecutor.get(FailsafeExecutor.java:68)
at org.eclipse.cbi.ws.macos.notarization.xcrun.common.Notarizer.uploadFailsafe(Notarizer.java:65)
at org.eclipse.cbi.ws.macos.notarization.NotarizationService.lambda$notarize$0(NotarizationService.java:192)
at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1768)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at java.base/java.lang.Thread.run(Thread.java:840)
Hi guys,
I got an error about mac notarization result return 132.
here is the stack trace on the logs:
2025-02-25 02:53:55,503 ERROR [org.ecl.cbi.ws.mac.not.xcr.not.NotarytoolNotarizer] (macos-notarization-service-pool-thread-13) Error while parsing the output after the upload of '/tmp/macos-notarization-service/pending-files/myapplication.dmg' to the Apple notarization service: org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1; Premature end of file.
at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:204)
at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:178)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:400)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:327)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1465)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$PrologDriver.next(XMLDocumentScannerImpl.java:1013)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:605)
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:542)
at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:889)
at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:825)
at java.xml/com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
at java.xml/com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1224)
at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:637)
at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl.parse(SAXParserImpl.java:326)
at java.xml/javax.xml.parsers.SAXParser.parse(SAXParser.java:197)
at org.eclipse.cbi.ws.macos.notarization.xcrun.common.PListDict.fromXML(PListDict.java:134)
at org.eclipse.cbi.ws.macos.notarization.xcrun.notarytool.NotarytoolNotarizer.analyzeSubmissionResult(NotarytoolNotarizer.java:39)
at org.eclipse.cbi.ws.macos.notarization.xcrun.common.NotarizationTool.upload(NotarizationTool.java:50)
at org.eclipse.cbi.ws.macos.notarization.xcrun.common.Notarizer.lambda$uploadFailsafe$3(Notarizer.java:65)
at net.jodah.failsafe.Functions.lambda$get$0(Functions.java:48)
at net.jodah.failsafe.RetryPolicyExecutor.lambda$supply$0(RetryPolicyExecutor.java:66)
at net.jodah.failsafe.Execution.executeSync(Execution.java:128)
at net.jodah.failsafe.FailsafeExecutor.call(FailsafeExecutor.java:379)
at net.jodah.failsafe.FailsafeExecutor.get(FailsafeExecutor.java:68)
at org.eclipse.cbi.ws.macos.notarization.xcrun.common.Notarizer.uploadFailsafe(Notarizer.java:65)
at org.eclipse.cbi.ws.macos.notarization.NotarizationService.lambda$notarize$0(NotarizationService.java:192)
at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1768)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at java.base/java.lang.Thread.run(Thread.java:840)
Do you know why?
If you have any thread or documents telling about the details of return values of the command: 'xcrun notarytool submit'
I am trying to get a PKG installer through the Apple codesign and notarytool process. When I submit the PKG installer I get a status message of "Invalid" and when I review the log file it has 2 errors. For "status summary" it says: "Archive contains critical validation errors", and for "message" it says" "The binary is not signed".
The installer contains a flat file that is installed in the "Users/Shared" folder via the PKG installer.
Here are the steps I've taken to get the installer through the codesign and notarytool process.
codesign the file that's placed in the "Users/Shared" folder:
codesign --options=runtime --sign 'Developer ID Application: XYZ' -v /Users/.../Documents/folder/"flat file"
which I get a message saying "signed generic".
Create the PKG installer with the signed "flat file".
Sign the PKG installer containing the signed "flat file":
codesign --options=runtime --sign 'Developer ID Application: XYZ' -v /Users/.../Documents/folder/"flat file"
which I get a message saying "signed generic".
Submit the PKG file with notarytool:
xcrun notarytool submit /Users/.../Documents/folder/"flat file" --verbose --apple-id username --password password --team-id ID# --progress
It completes and provides the submission ID.
I check the status and get the error message that it's invalid.
When I check the full details via the log I get the error messages mentioned above.
What am I missing or failing to do?
I can't upload my macOS app to app store connect.
Each time i try to upload, i see this message:
Provisioning profile failed qualification
Profile doesn't support App Groups.
An empty app without an app group uploads fine, but if i add an app group to it, it does not upload.
Xcode 16.2 Framework Signing Issues with Cloud Managed Developer ID in Automated Builds
Issue Description
After upgrading from Xcode 15.4 to 16.2, our macOS app's frameworks are failing notarization with the error "The binary is not signed with a valid Developer ID certificate" for embedded frameworks when building through fastlane. This worked correctly in Xcode 15.4. Importantly, manually archiving and notarizing through the Xcode GUI still works correctly - the issue only occurs during automated builds.
Build Configuration
We use fastlane to build and notarize our macOS app:
build_mac_app(
scheme: 'Runner',
export_method: "developer-id",
xcargs: '-allowProvisioningUpdates'
)
This generates the following xcodebuild commands:
Archive:
xcodebuild -workspace ./Runner.xcworkspace -scheme Runner -destination 'generic/platform=macOS' -archivePath /path/to/archive -allowProvisioningUpdates archive
Export with plist:
xcrun -exportArchive -exportOptionsPlist '/path/to/plist' -archivePath /path/to/archive -exportPath '/output/path' -allowProvisioningUpdates
Export options plist contents:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>installerSigningCertificate</key>
<string>Developer ID Installer: Company Inc (1234567891)</string>
<key>method</key>
<string>developer-id</string>
<key>signingStyle</key>
<string>automatic</string>
</dict>
</plist>
Notarization:
ditto -c -k --rsrc --keepParent "My App.app" "My App.app.zip"
xcrun notarytool submit "My App.app.zip" --output-format json --wait --key /path/to/key --key-id ABCDEFGHIJ --issuer 12345678-abcd-1234-5678-fc2d96b1735a
Error Output
Notarization fails with the following errors:
{
"severity": "error",
"code": null,
"path": "My App.app.zip/My App.app/Contents/Frameworks/some_package.framework/Versions/A/some_package",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087721",
"architecture": "arm64"
}
Key Details
Using Xcode Cloud managed Developer ID certificates (not local certificates)
✅ Building, archiving, and notarizing through Xcode GUI works correctly
Automatic signing is enabled
Expected Behavior
Frameworks should be automatically signed with the cloud managed Developer ID certificate during the export process, as they were in Xcode 15.4.
Has there been a change in how framework signing is handled with cloud managed certificates in Xcode 16.2's command line tools? Any guidance on how to ensure frameworks are properly signed during automated builds when using automatic signing with cloud managed Developer ID certificates would be appreciated.
A few hours ago, it took 3 minutes to get the notarization phase of our build done... now I've got one that's been running for 25 minutes and hasn't finished yet. The last time this happened, the waits got up to multiple hours, and the status page didn't get updated.
Good morning,
recently we had our application migrated to a new account due to company changes. In the old account we were able to notarize and publish the application, using notarytool and altool, both as an external installer dmg and on the App Store.
The migration was successful and after signing up for a paid developer program, creating the new certificates and the new application password, we are now able to successfully sign and notarize the application for distributing the dmg package as an external installer.
However we have an issue with the altool used to publish the application on the App Store. It seems a credentials rejection.
This is unfortunately preventing us to deliver updated version of our software to our clients.
Here are the logs for the two commands
The USERNAME, TEAM_ID and APPLICATION_PASS are obviously placeholders by me to not show them in the following requests, and are originally the same in both commands
This is the notarytool command -> SUCCESS
xcrun notarytool history --apple-id "USERNAME" --team-id "TEAM_ID" --password "APPLICATION_PASS"
Successfully received submission history.
createdDate: 2025-01-21T12:24:28.472Z
id: 94e5e0ba-9529-4c38-b36f-1e0369b745ab
name: installer.app.zip
status: Accepted
I have built a flutter desktop app and I notarized it. I have to distribute it directly as I cannot turn on App Sandboxing due to the functions included in the application.
I created a build of the app from Xcode and then uploaded it for notarization and it was successfully notarized.
If I compress that app into a .zip and share it over the internet, it successfully opens on any computer.
But when I create a dmg using appdmg from npm and I try to distribute it, it does not open and shows me the option to either move to bin or cancel.
When I notarize the dmg using the command:
xcrun notarytool submit "YourApp.dmg"
--apple-id "email"
--password "app-specific-password"
--team-id "YOUR_TEAM_ID"
--wait
It notarizes successfully.
I have also done:
xcrun stapler staple "YourApp.dmg"
And validated it but it does not seem to work when I distribute it over the internet by uploading on my website.
It is a bit strange that when I distribute the notarized app, it does not show any error when distributed over the internet by uploading on my website and then downloading but for a notarized dmg, which is properly signed, it gives that error that wether move to bin or do nothing.
Would love someone's help on this!
Hi,
Since about 2 weeks notarytool is not very reliable on our CI/CD server. The tool either exists without printing any reason (killed by a signal; not caused by timeout - we have 6h timeouts and the tool gets killed after about 30 mins) or the process takes a very long time e.g. 2h to complete.
We use the same pipeline since at least 2 years and we did not have this problem before.
Some problematic calls:
createdDate: 2025-01-15T14:50:22.545Z
id: ca0faad3-789a-4842-a8c9-14aa7c2297a9
name: xxxxxx
status: In Progress
--------------------------------------------------
createdDate: 2025-01-15T14:33:06.813Z
id: 22df0da8-70de-4dd9-935d-a26055242014
name: xxxxxx
status: In Progress
--------------------------------------------------
createdDate: 2025-01-15T14:18:36.436Z
id: 5729b836-69f0-4526-b1d2-7743bd4d57a6
name: xxxxxx
status: In Progress
--------------------------------------------------
createdDate: 2025-01-15T14:18:31.716Z
id: 58f3c7a1-96bd-4f5d-8a3c-6860f925659e
name: xxxxxx
status: In Progress
Can anyone check why the tool is taking now way more time than before to process a submission? The app that we are notarizing did not change that much.
Hi there, this is the first time I submitted a Mac app for notarization but looks like all my submissions are stuck in in progress for like one day at the moment. Can anyone help take a look?
This is my submission history:
Successfully received submission history.
history
--------------------------------------------------
createdDate: 2025-01-16T00:23:18.445Z
id: 0581680c-9cfe-4e5b-9cc9-3ba101c9fd52
name: MiniCalendar.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-15T05:12:13.480Z
id: 55a03297-491b-4d30-8126-45d488a6beb9
name: MiniCalendar.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-15T04:27:40.510Z
id: 092f558f-01d0-48e5-9761-58dda54de23c
name: MiniCalendar.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-15T01:12:55.923Z
id: 3aa74a6f-bcb8-4911-9d18-fcbb3e9a6c11
name: MiniCalendar.zip
status: In Progress
This has been going on for at least a couple of hours for us: notarizing doesn't complete. Our last job ran for over 90 minutes before CircleCI timed it out. We're using xcrun notarytool submit with the --wait option; it contined to say "Current status: In Progress" for, as I said, 90 minutes or so. (Normally it takes about 70 seconds.)
https://developer.apple.com/system-status/ says everything is normal. This does not seem to be the case for us. 😄
Normally I get a response from a submit via notarytool within 30 seconds. Today - with a process that worked a few days ago - I don't get any answer, although the system status claims that the service is up and work.
Anybody else, or is it only me?
Hi at all, we started a notarization process and after 3 hours is still in progress.
Hello,
Our company's software successfully passes the notarization process when exported through Xcode Archive and compressed into a zip file. However, it fails notarization when packaged into a pkg using the Packages software (version 1.2.10), consistently returning the error "The signature of the binary is invalid." We need assistance to resolve this issue.
Here are some specific details on the signature statuses and notarization information:
xcrun stapler validation: Successful
xcrun stapler validate Maxi\ PC\ Suite.app
Processing: /Users/autel/Desktop/test11/files/Maxi PC Suite.app
The validate action worked!
pkgutil signature check: Successful
pkgutil --check-signature Maxi\ PC\ Suite.pkg
Package "Maxi PC Suite.pkg":
Status: signed by a developer certificate issued by Apple for distribution
Signed with a trusted timestamp on: 2025-01-09 08:09:17 +0000
Certificate Chain:
1. Developer ID Installer: Autel Intelligent Technology Co., Ltd. (MEXQ8HADL9)
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
B7 F7 AC 05 19 78 CB 5D 66 C1 11 95 EE C9 2E 31 B9 AA BD F5 32
E4 B6 4D 8D 0D 06 04 EE BC 1B 5A
------------------------------------------------------------------------
2. Developer ID Certification Authority
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
7A FC 9D 01 A6 2F 03 A2 DE 96 37 93 6D 4A FE 68 09 0D 2D E1
8D 03 F2 9C 88 CF B0 B1 BA 63 58 7F
------------------------------------------------------------------------
3. Apple Root CA
Expires: 2035-02-09 21:40:36 +0000
SHA256 Fingerprint:
B0 B1 73 0E CB C7 FF 45 05 14 2C 49 F1 29 5E 6E DA 6B CA ED
7E 2C 68 C5 BE 91 B5 A1 10 01 F0 24
pkg notarization: Failed
xcrun notarytool submit Maxi\ PC\ Suite.pkg --apple-id *** --team-id *** --password *** --wait
Conducting pre-submission checks for Maxi PC Suite.pkg and initiating connection to the Apple notary service...
Submission ID received
id: ccbf6330-b64a-4b42-87c0-b5db1fe25b2d
Upload progress: 100.00% (3.42 MB of 3.42 MB)
Successfully uploaded file
id: ccbf6330-b64a-4b42-87c0-b5db1fe25b2d
path: /Users/autel/Desktop/test11/build/Maxi PC Suite.pkg
Waiting for processing to complete.
Current status: Invalid.
Processing complete
id: ccbf6330-b64a-4b42-87c0-b5db1fe25b2d
status: Invalid
Detailed notarization failure information:
xcrun notarytool log ccbf6330-b64a-4b42-87c0-b5db1fe25b2d --keychain-profile "PC_Suit_Mac"
{
"logFormatVersion": 1,
"jobId": "ccbf6330-b64a-4b42-87c0-b5db1fe25b2d",
"status": "Invalid",
"statusSummary": "Archive contains critical validation errors",
"statusCode": 4000,
"archiveFilename": "Maxi PC Suite.pkg",
"uploadDate": "2025-01-09T08:18:22.374Z",
"sha256": "0d1bd15e5c30bc890d20086de865739d01e131e34386b73ac20f8a5d52229906",
"ticketContents": null,
"issues": [
{
"severity": "error",
"code": null,
"path": "Maxi PC Suite.pkg/Maxi_PC_Suite.pkg Contents/Payload/Applications/Maxi PC Suite.app/Contents/MacOS/Maxi PC Suite",
"message": "The signature of the binary is invalid.",
"docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
"architecture": "x86_64"
}
]
}
We are looking for advice on how to resolve the error related to the invalid binary signature during the pkg notarization process.
Thank you.
Hi,
Our organization develops a Mac app and distributes it our of the Mac store. We have been creating App.dmg files for this and signed it with the Developer ID Application certificate and uploaded them for notarization using "xcrun notarytool". Everything was working fine until we created a new Developer ID Installer certificate to test the new App.pkg installer and uploaded it for notarization to the Apple server. It's been 3 days now and our production pipeline is stuck because all the submissions remain in In-Progress state and do not proceed further.
Details of the submission:-
createdDate: 2025-01-03T06:44:20.306Z
id: 7af70d77-1bab-4b17-aeba-7ddc75c030f9
name: XXXXXXXXXXXXXXX.pkg
status: In Progress
Since then, no submission(even for .dmg files) are processing through. I’ve raised a ticket with the support team as well, but it hasn’t helped. What more can we try to get out of this hole?
Hello, I've developed an application using Electron with JAVACRIPT. I have managed to deploy to both Windows and the web but having trouble deploying the application to my Mac users.
It's my first time deploying an application for Mac but feel like I'm stuck at the last hurdle and out of ideas so I'm reaching out for help.
My application is successfully signing but during the build and when my Notarize.js is running it seems to get stuck indefinitely.
I can check and see the status of the Notarize attempts but they seem to be stuck "In Progress". Here are the logs.
Successfully received submission history.
history
--------------------------------------------------
createdDate: 2025-01-06T00:59:45.245Z
id: 1dc39b5f-fdca-4bf2-a6f6-fa793de2786e
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-04T08:01:36.168Z
id: c575b015-edd6-4e09-8da5-7ae09f4f67db
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T08:30:31.528Z
id: 570ae540-8cce-4418-ab09-7f6be33dc245
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T07:57:56.701Z
id: 42748de8-026a-4663-9fd2-88c7608588d3
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T06:30:19.569Z
id: 5140caa0-df14-491a-b148-82015f9856da
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T05:56:28.916Z
id: 535c6be1-4999-4b3e-9766-42512a8deb67
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T02:51:04.893Z
id: ead2268c-62b2-4b4b-8850-c1cdb5313d6a
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T01:50:51.954Z
id: d0c44281-a788-4704-a057-4620d284516d
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T00:48:54.445Z
id: 3d13727c-06a3-49d7-902b-4001522107c3
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T13:35:26.715Z
id: 1823a550-a9ff-467a-8a60-dd3e42305258
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T13:23:41.894Z
id: cbc341a2-9a51-43d6-83ae-713443c84fec
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T12:21:44.561Z
id: 1af34419-655f-49b8-bea0-05b4232c46a7
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T11:34:03.732Z
id: 8c4ab3b5-2ea9-4220-9667-94011bcf76fb
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T11:19:16.052Z
id: 093dfb8a-9058-417d-acd3-8ea5d0bb654a
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T11:13:14.676Z
id: 556b7c1c-d114-4717-b0f7-4f1614ada845
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T10:52:36.834Z
id: ce3d3c8a-d218-4978-8757-2ca9d12aad76
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T09:27:13.535Z
id: b65ec764-baab-444d-809b-e4242d70548b
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T09:27:01.176Z
id: be228acc-e6a2-48f2-937b-5b2962275052
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T09:19:19.182Z
id: d99fc10b-c424-4d0c-a2aa-37a9e9165d91
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T08:55:43.064Z
id: 2e7f8df7-9c0b-4dd0-8df7-8f3428c0bfa0
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T08:19:48.676Z
id: 678355da-e413-4b1a-92a8-776a6ff6a055
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T07:58:48.278Z
id: 8591f8d7-1d57-4e80-af90-d77190160a20
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T07:54:41.193Z
id: f029dfeb-3f14-4f65-83e2-d9356ef6ac00
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T07:27:50.613Z
id: 574f2563-d533-4885-947a-2f57170196af
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T07:09:54.203Z
id: 589f7f3a-d231-4911-8ad6-9d2c15a61ac0
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T05:39:02.574Z
id: 9edd43de-6d14-4743-87fc-ab570bee7399
name: Popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T04:36:12.342Z
id: ba02116d-1aad-4521-8667-ad086b14c1cb
name: Popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T03:22:49.185Z
id: b8585c81-b7f5-4c35-9bd6-62157c6ce4bc
name: Popcorn.zip
status: In Progress
Hello, I've developed an application using Electron with Javacript. I have managed to deploy to both Windows and the web but having trouble deploying the application to my Mac users.
It's my first time deploying an application for Mac but feel like I'm stuck at the last hurdle and out of ideas so I'm reaching out for help.
My application is successfully signing but during the build and when my Notarize.js is running it seems to get stuck indefinitely.
I can check and see the status of the Notarize attempts but they seem to be stuck "In Progress". Here are the logs.
Successfully received submission history.
history
--------------------------------------------------
createdDate: 2025-01-06T00:59:45.245Z
id: 1dc39b5f-fdca-4bf2-a6f6-fa793de2786e
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-04T08:01:36.168Z
id: c575b015-edd6-4e09-8da5-7ae09f4f67db
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T08:30:31.528Z
id: 570ae540-8cce-4418-ab09-7f6be33dc245
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T07:57:56.701Z
id: 42748de8-026a-4663-9fd2-88c7608588d3
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T06:30:19.569Z
id: 5140caa0-df14-491a-b148-82015f9856da
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T05:56:28.916Z
id: 535c6be1-4999-4b3e-9766-42512a8deb67
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T02:51:04.893Z
id: ead2268c-62b2-4b4b-8850-c1cdb5313d6a
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T01:50:51.954Z
id: d0c44281-a788-4704-a057-4620d284516d
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-03T00:48:54.445Z
id: 3d13727c-06a3-49d7-902b-4001522107c3
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T13:35:26.715Z
id: 1823a550-a9ff-467a-8a60-dd3e42305258
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T13:23:41.894Z
id: cbc341a2-9a51-43d6-83ae-713443c84fec
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T12:21:44.561Z
id: 1af34419-655f-49b8-bea0-05b4232c46a7
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T11:34:03.732Z
id: 8c4ab3b5-2ea9-4220-9667-94011bcf76fb
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T11:19:16.052Z
id: 093dfb8a-9058-417d-acd3-8ea5d0bb654a
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T11:13:14.676Z
id: 556b7c1c-d114-4717-b0f7-4f1614ada845
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T10:52:36.834Z
id: ce3d3c8a-d218-4978-8757-2ca9d12aad76
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T09:27:13.535Z
id: b65ec764-baab-444d-809b-e4242d70548b
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T09:27:01.176Z
id: be228acc-e6a2-48f2-937b-5b2962275052
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T09:19:19.182Z
id: d99fc10b-c424-4d0c-a2aa-37a9e9165d91
name: Popcorn-1.0.0.dmg
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T08:55:43.064Z
id: 2e7f8df7-9c0b-4dd0-8df7-8f3428c0bfa0
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T08:19:48.676Z
id: 678355da-e413-4b1a-92a8-776a6ff6a055
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T07:58:48.278Z
id: 8591f8d7-1d57-4e80-af90-d77190160a20
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T07:54:41.193Z
id: f029dfeb-3f14-4f65-83e2-d9356ef6ac00
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T07:27:50.613Z
id: 574f2563-d533-4885-947a-2f57170196af
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T07:09:54.203Z
id: 589f7f3a-d231-4911-8ad6-9d2c15a61ac0
name: popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T05:39:02.574Z
id: 9edd43de-6d14-4743-87fc-ab570bee7399
name: Popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T04:36:12.342Z
id: ba02116d-1aad-4521-8667-ad086b14c1cb
name: Popcorn.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-01-02T03:22:49.185Z
id: b8585c81-b7f5-4c35-9bd6-62157c6ce4bc
name: Popcorn.zip
status: In Progress
Hi there, I've developed a macOS app in Swift and SwiftUI. I'm planning to distribute the app outside of the App Store, so I'm currently getting it notarized. This is my first time notarizing an application.
My application is signed correctly during the build / archive process, but whether I try to notarize the .app via Xcode's organizer or a .dmg via notarytool, it seems to get stuck.
The status of Notarization attempts have been been stuck "In Progress", with the earliest attempt approaching 4 days.
Below is the output of xcrun notary tool history
Successfully received submission history.
history
--------------------------------------------------
createdDate: 2025-01-01T08:25:21.033Z
id: be860d89-9edd-4330-9358-aa3766772041
name: Sidekick.zip
status: In Progress
--------------------------------------------------
createdDate: 2024-12-31T17:08:37.493Z
id: 9cbd609e-d287-4217-afe3-362386159805
name: Sidekick-beta.dmg
status: In Progress
--------------------------------------------------
createdDate: 2024-12-31T15:35:11.609Z
id: 3e22c207-e156-410d-a0d1-24a587bfdca6
name: Sidekick.zip
status: In Progress
I've been searching for similar issues on the developer forums, and while others have warned about long wait times for first-time notarization requests, I've never come across anyone else who had to wait 4 days.
Hello Team,
I am building an Electron app and building platform-related installers line exe, appimage and dmg. To build an installer, I am using the electron builder library.
When I do code signing and notarization, the signing process gets stuck without any error. I have verified certificate and other information are correct. Below are more details.
Versions
@electron/notarize": "^2.5.0
@electron/rebuild": "3.3.0
electron": "26.2.1
electron-builder": "^25.1.8
electron-devtools-installer": "3.2.0
Current Setup
CircleCI pipeline
Developer ID Application certificate is properly installed and verified
Notarization is configured in both package.json and build arguments
I see the last log as below where it gets stuck without any error.
• selecting signing options file=release/build/mac-arm64/xxxx Assistant.app entitlements=assets/entitlements.mac.plist hardenedRuntime=true timestamp=http://timestamp.apple.com/ts01 requirements=undefined additionalArguments=[]
Package.json
"build": {
"productName": "xxxxx - Your AI Work xxxxx",
"executableName": "xxxx xxxxx",
"artifactName": "xxxxx-Assistant-${version}-${arch}.${ext}",
"appId": "org.erb.xxxx",
"asar": true,
"asarUnpack": "**\\*.{node,dll}",
"files": [
"dist",
"node_modules",
"package.json",
"assets/tray.ico",
"!**/*.lproj/**/*",
"!**/locale.pak",
"!locales/**/*"
],
"afterSign": ".erb/scripts/notarize.js",
"mac": {
"timestamp": "http://timestamp.apple.com/ts01",
"identity": "xxxxx Technology Inc (xxxxxxxx)",
"target": [
"dmg",
"zip"
],
"electronLanguages": [
"en-US"
],
"icon": "build/mac-icon/Logo512x512.icns",
"type": "distribution",
"hardenedRuntime": true,
"entitlements": "assets/entitlements.mac.plist",
"entitlementsInherit": "assets/entitlements.mac.plist",
"gatekeeperAssess": false
},
"dmg": {
"icon": "build/mac-icon/xxxxxxLogo512x512.icns",
"contents": [
{
"x": 130,
"y": 220
},
{
"x": 410,
"y": 220,
"type": "link",
"path": "/Applications"
}
]
},
"directories": {
"app": "release/app",
"buildResources": "assets",
"output": "release/build"
},
"extraResources": [
"./assets/**"
]
}
Entitlement
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<!-- Required for Electron/Chromium JIT -->
<key>com.apple.security.cs.allow-jit</key>
<true/>
<!-- Required for basic Electron functionality -->
<key>com.apple.security.inherit</key>
<true/>
<!-- Required for network communication (REST APIs) -->
<key>com.apple.security.network.client</key>
<true/>
</dict>
</plist>
I have made the following verification.
I already tried on multiple macos with different processors.
Verified on a high-speed network.
Certificate is exported to .p12 and verified.
All Env Variables are set with the correct value. (APPLE_APP_SPECIFIC_PASSWORD+APPLE_ID+APPLE_TEAM_ID )
I have tried with CSC_LINK/CSC_KEY_PASSWORD + Keystore as well.
Appriciate any help.
My app has been "In Progress" for over a day. It's release date and these absurd behaviours are happening. Hasn't Apple been able to fix this? We're approaching 2025 with issues that have been happening since 2023. Are these guys serious or they just ignore these issues?