Notarization

RSS for tag

Notarization is the process of scanning Developer ID-signed software for malicious components before distribution outside of the Mac App Store.

Posts under Notarization tag

200 Posts

Post

Replies

Boosts

Views

Activity

Notarisation Resources
General: Forums topic: Code Signing Forums subtopic: Code Signing > Notarization Forums tag: Notarization WWDC 2018 Session 702 Your Apps and the Future of macOS Security WWDC 2019 Session 703 All About Notarization WWDC 2021 Session 10261 Faster and simpler notarization for Mac apps WWDC 2022 Session 10109 What’s new in notarization for Mac apps — Amongst other things, this introduced the Notary REST API Notarizing macOS Software Before Distribution documentation Customizing the Notarization Workflow documentation Resolving Common Notarization Issues documentation Notary REST API documentation TN3147 Migrating to the latest notarization tool technote Fetching the Notary Log forums post Q&A with the Mac notary service team Developer > News post Apple notary service update Developer > News post Notarisation and the macOS 10.9 SDK forums post Testing a Notarised Product forums post Notarisation Fundamentals forums post The Pros and Cons of Stapling forums post Resolving Error 65 When Stapling forums post If your notary requests are stuck in the In Progress state, see my reply here. If your notary requests are failing with Team is not yet configured for notarization, see my reply here and also the follow-up here. Many notarisation issues are actually code signing or trusted execution issue. For more on those topics, see Code Signing Resources and Trusted Execution Resources. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"
0
0
5.6k
3w
Every notarization submission Rejected with status 7000 "Team is not yet configured for notarization" for 2 months — support cannot resolve (Team T24AV8CUXS)
Our organization team has been unable to notarize anything for two months. Every submission is Rejected with statusCode 7000, and Developer Support has not been able to resolve it across two cases and eight contacts. We are stuck and cannot distribute our app. Facts: Team: CopVPN, Inc. — Team ID T24AV8CUXS (organization membership, paid and active, all program agreements accepted by the Account Holder) Developer ID Application and Developer ID Installer certificates are issued and work: our signed .pkg builds and verifies cleanly with codesign/pkgutil Every notarytool submission since 15 May 2026 is Rejected with statusCode 7000. The log shows "issues": null — there is nothing wrong with the package; the team itself has never been enabled for the notary service. Latest submission log (verbatim): { "logFormatVersion": 1, "jobId": "a881050a-19b3-4ea6-a068-18b7d68996d7", "status": "Rejected", "statusSummary": "Team is not yet configured for notarization. Please contact Developer Programs Support at developer.apple.com under the topic Development and Technical / Other Development or Technical Questions.", "statusCode": 7000, "archiveFilename": "CopVPN-3.5.0.pkg", "uploadDate": "2026-07-15T19:30:28.363Z", "sha256": "00ca96e23b69e013b3f27d2244f0e9f9e506e6c8aa2da1b91c34a5f584f27fb9", "ticketContents": null, "issues": null } Submission history (all Rejected, all statusCode 7000): 2026-05-15: c200b3bc-c47e-4524-9a33-5e36594ddd10, 760668b2-cceb-4a23-b820-027c7980b05a, e0115047-d1a1-4598-83b5-60f31cbbf12c, fe35a8fa-dc74-4e0c-8204-69bcea7a12a1 (CopVPN-3.3.3.pkg) 2026-05-27: 6defc76d-8a9a-458f-94f7-e6967a435ec2, 6df6fc0b-177d-4975-bbaf-c357991a4361 (CopVPN-3.3.3.pkg) 2026-07-13: 828d85c2-0419-48a9-a897-e95638ce10f3 (CopVPN-3.5.0.pkg) 2026-07-15: a881050a-19b3-4ea6-a068-18b7d68996d7 (CopVPN-3.5.0.pkg) Support history — two cases, both phone and email, including exactly the topic named in the error message: Case 102893198830 (Membership and Account / Developer Team Management): email May 18, call May 21, email Jun 2, email Jun 18, call Jul 13, call Jul 14 (all 2026) Case 102901823867 (Development and Technical / Other Development or Technical Questions): emails May 28 and May 29, 2026 Every contact ends the same way: the team is still not configured, and we are told to wait. Nothing has changed in two months. Also filed as Feedback Assistant report. Environment: notarytool 1.1.2 (41), macOS 26.5.2. Ask: could someone from Apple please escalate this to the notary service / Developer ID operations team so that Team T24AV8CUXS is configured for notarization? This is a pure account-provisioning flag; the support loop has not reached whoever can flip it. Happy to provide any further details here or in the FB report.
2
0
69
1d
Notary service: submissions stuck "In Progress" for days, never completing
I'm hitting what looks like a service-side notarization problem and could use a pointer on how to get it escalated. Over the past 3 days I've submitted 9 times with notarytool. Only 2 came back Accepted. The other 7 are stuck at "In Progress" and never reach a terminal state, no Accepted, no Invalid, no log (notarytool log says it isn't available yet), and no email. The oldest has been sitting ~71 hours. Signing checks out: codesign --verify --deep --strict passes and satisfies the Designated Requirement, hardened runtime with a secure timestamp, no get-task-allow, signed with my Developer ID, and the DMGs are signed before submission. The 2 submissions that completed were Accepted, so credentials and signing are fine. It really looks like the service just isn't processing most of my submissions. This is a newly enrolled account, and I've filed FB22939442 and have an open Developer Support case. Is this a known issue for new accounts, and is there a way to get these submissions looked at? Environment: macOS 26.2, Xcode 26.5, notarytool 1.1.2 (41).
18
3
1.1k
2d
Developer ID notarization submissions stuck In Progress after app transfer
I’m seeing several Developer ID notarization submissions stuck in “In Progress” after an app transfer. This is for a macOS app distributed outside the Mac App Store. The app was recently transferred to a new Apple Developer team. After the transfer, notarization uploads succeed, but the submissions never complete. The app appears to be Developer ID signed correctly with the new team. I submitted the app through both Xcode Direct Distribution and command-line notarytool. The upload succeeds, but the submissions remain in “In Progress”, and no notarization log is available. Example submission IDs: 5e411dc6-0610-4f9c-8eef-e2a3d0b6a2fb 01bdeeda-3c7e-421a-ae72-6dc081b75e79 986b0c5e-e32f-489f-bc86-3b3c7d7ec91d 193f29b7-b23a-40e7-8324-c076859ca843 notarytool log returns: Submission log is not yet available or submissionId does not exist I also see older submissions from the previous day still stuck in “In Progress”, so this does not look like a normal notarization delay. I’m trying to determine whether this is caused by the recent app transfer / Team ID change, or whether there is anything else I can check locally. Questions: Is it expected for Developer ID notarization jobs to remain “In Progress” for more than a day with no log available? Is there any known issue with Developer ID notarization after an app transfer? If the upload succeeds but no log is ever generated, is there a recommended escalation path for stuck notarization backend jobs?
3
0
907
5d
statusCode 7000 "Team is not yet configured for notarization" — persistent for 2 months, Developer Support stalled
I'm hitting a persistent notarization failure for a new organization team and I've exhausted the Developer Support route (case 102898059793, open since early June with no state change), so I'm hoping someone here can help me understand what statusCode 7000 actually requires. Setup: Team: H4N8Z7K4S4 (SmashMelon LLC, US organization, enrolled May 1, 2026; I'm the Account Holder) App: macOS app, Developer ID direct distribution, hardened runtime, secure timestamp; codesign --verify --deep --strict passes locally The same team ships iOS updates via App Store Connect with no problems Latest Program License Agreement accepted (June 20, 2026) Every notarization submission since May 19 — via both Xcode Organizer and notarytool — is rejected with the identical log: "status": "Rejected", "statusSummary": "Team is not yet configured for notarization. Please contact Developer Programs Support...", "statusCode": 7000, "issues": null Recent submission IDs, should anyone at Apple want to look them up: 7ec8ec66-ab23-46e3-996f-22ff9f463593 (June 15) f7546486-255e-484c-a08f-dd6a2df391df (June 17) 56754783-3436-4142-84a4-d8cbfe400fc1 (June 23) 79f3a014-812f-4cca-969c-e41a432c24fe (July 6) issues:null on every log suggests the binary is never scored at all — the rejection happens at a team-level gate. One possibly-relevant observation: the Certificates section of the developer portal (and the App Store Connect API) lists no certificate of any kind for this team — signing happens via Xcode's cloud-managed signing. So the error's literal wording may be accurate: the team's Developer ID configuration may genuinely never have been provisioned. Notably, Apple's cloud signing service happily issues Developer ID signatures for this team — it's only the notary service that refuses it. The two systems appear to disagree about whether this team is provisioned. Developer Support requested identity and company verification (passport, formation documents, IRS 147-C, etc.), which I uploaded via their secure link on June 15. Since then, three more submissions have been rejected with the unchanged 7000 result, and the case status has been "still under investigation" for four straight weeks. Questions: What does statusCode 7000 actually gate on? Is there anything an Account Holder can do from the portal side, or is this purely an internal provisioning flag? Is there a way to get this escalated to whoever owns team provisioning? Two months without the ability to ship a bug-fix build to direct-distribution users is getting hard to absorb. Happy to provide any additional detail. Thanks!
1
0
89
5d
New team stuck at statusCode 7000 "Team is not yet configured for notarization"
I'm trying to notarize a macOS app under my individual team, WPJCQG3698. I enrolled in the Apple Developer Program in June 2026. Membership is active, all agreements are accepted, and the Developer ID Application certificate is valid. All 12 notarytool submissions since June 20 have failed the same way: statusCode: 7000 statusSummary: Team is not yet configured for notarization issues: null I'm authenticating with an App Store Connect team API key. Authentication and upload succeed every time, then the submission gets rejected in under a minute. As a control I copied /bin/ls, signed the copy with the same certificate, and submitted that. Same error, so it doesn't look app-specific. The latest submission is 03369f51-9929-4ec1-8940-e488cf1d00a7, uploaded 2026-07-10T08:30Z. Developer Programs Support case 102922992178 has been open since June 23 and was escalated to engineering on July 7. I retried today and nothing changed. This has been blocking our macOS release for three weeks now and I'm out of things to check on my side. Have I missed an account-side step, or is this something only Developer Programs Support can fix for the team?
1
0
120
5d
statusCode 7000 "Team is not yet configured for notarization" — 15+ days, cases open, no resolution
All notarization submissions for our team are Rejected with statusCode 7000: "Team is not yet configured for notarization." Team ID: LAC4584ST7 Account type: Organization (NextGen Digital FZCO) Membership: active — two apps already live on the App Store under this same team This is our first Developer ID (non-App Store) app. We have contacted Developer Programs Support under Development and Technical / Other Development or Technical Questions (as the 7000 error message instructs). Open cases: 102922996437, 102935309284, 102937482501. So far only automated acknowledgments — no engineering resolution after 15+ days. I understand this is an account-provisioning issue only Developer Programs Support engineering can resolve, not DTS. Posting here in case another affected developer has found what finally unblocked it, and to flag how long this has been stuck. Any guidance on the expected timeline, or anything on our side that could be blocking provisioning, would be appreciated.
1
0
69
1w
Developer ID Application cert rejected by notarytool for kext ("not signed with a valid Developer ID certificate") — still required in 2026?
Hi all, Working on a personal-use kernel extension (not for distribution, just my own Mac) and hitting a wall between Reduced Security and notarization. A lot of existing threads on this are from 2018–2022, so hoping someone can confirm what's still current. Setup: Apple Silicon, macOS 27 (Golden Gate beta) Boot Security Policy: Reduced Security with "Allow user management of kernel extensions from identified developers" enabled (confirmed via bputil -d) Standard $99/year Developer Program membership Kext signed with a standard Developer ID Application cert (via normal CSR through Keychain Access) What happened: codesign -dvvv shows a clean signature — valid Authority chain, correct TeamIdentifier, timestamped. No issues. But kmutil load -p rejects it: Authenticating extension failed: Bad code signature I understood from an older DTS reply that notarization was the missing piece, so I ran it through notarytool. Upload/auth succeeded, but the result came back Invalid: { "severity": "error", "message": "The binary is not signed with a valid Developer ID certificate.", "architecture": "arm64e" } Question: Is a standard Developer ID Application cert genuinely insufficient for kext notarization, and is the kext-signing entitlement (via /contact/kext/) still the only way to get a cert with the right extension (OID 1.2.840.113635.100.6.1.18)? Or has this changed for personal use recently? Apple's own Contact page for that form says: "You don't need to request a certificate to sign your kernel extension for personal use... signature checking can be disabled as described in the SIP Guide." That implies Reduced Security + personal kext shouldn't need the special cert — but my results suggest otherwise. Am I missing a step, or is there a documentation gap? Happy to share kmutil print-diagnostics output if useful. Thanks!
2
0
167
1w
statusCode 7000 "Team is not yet configured for notarization" — persists 10+ days, team 5JDP238JFX
Every notarytool submit from my team is rejected with: "status": "Rejected", "statusSummary": "Team is not yet configured for notarization. Please contact Developer Programs Support…", "statusCode": 7000 This has persisted for 10+ days across many submissions (most recent job ID 00042820-f5d8-4c6b-a178-9b98d247170d, 2026-07-09). I distribute a macOS app outside the Mac App Store via Developer ID, so there is intentionally no App Store Connect app record. Everything on my side is verified correct: Apple Developer Program membership is active (Individual), team ID 5JDP238JFX. Valid Developer ID Application certificate; codesign --verify --strict passes with hardened runtime + secure timestamp; the signature chains cleanly to Apple Root CA. notarytool authenticates successfully — notarytool history returns my submission list — so credentials and team are correct; only notarization eligibility appears not to be enabled. I've signed in as Account Holder and see no pending agreements to accept. (← edit this line to match what you actually find — see note below.) My trader information was recently approved (received Apple's confirmation email). I've filed a Developer Program Support request but have had no response in over a week. The statusSummary reads like a team-level provisioning flag that hasn't been enabled. Ask: Can a DTS/forums engineer help get the notary service provisioned/enabled for team 5JDP238JFX, or point me to what account-side step is still outstanding? Happy to provide additional submission IDs or logs.
1
0
155
1w
Notarization submissions disappeared from history; signed DMG still unnotarized
Hello Apple Developer Support, I need help with several macOS notarization submissions for my app "Dollar Desktop Pet" 1.0.0. Team ID: Q7FF775479 Developer ID: Developer ID Application: JUNSEN LIU (Q7FF775479) Bundle ID: com.dollar.desktoppet App type: Universal Electron macOS app, Developer ID signed, hardened runtime enabled Update as of 2026-07-05T21:23Z: The same keychain profile still works for a control/probe submission: 626063b7-643e-4b3d-aeb0-430532fa4ca9 Name: DollarNotaryProbe.zip Created: 2026-07-01T04:58:19.608Z Status: Accepted However, xcrun notarytool history --keychain-profile dollar-notary now only returns that probe submission. It no longer lists any Dollar Desktop Pet submissions. When queried directly, these Dollar submission IDs now return: "Submission does not exist or does not belong to your team." Affected submission IDs: 4e3c96b2-19fc-4b8b-844e-c95ca9242f11 Signed DMG submitted 2026-07-04T02:31:10.690Z 26f558b5-ea70-4196-8923-a77beb9fdc70 App-only ZIP submitted 2026-07-04T02:39:21.525Z f36faef2-14b8-4edb-b7e5-5db1bd3e1e17 Older DMG submitted 2026-06-26T22:28:21.305Z Local verification: The signed DMG verifies locally with Developer ID and timestamp. The app bundle verifies with: codesign --verify --deep --strict --verbose=4 The app is universal, hardened runtime, and uses Electron-standard entitlements. The local signed DMG still has no stapled ticket. Gatekeeper still rejects it only as: source=Unnotarized Developer ID origin=Developer ID Application: JUNSEN LIU (Q7FF775479) This is not an Accepted or Invalid result. It looks like the Dollar submissions either disappeared from the team view or are in a backend state that notarytool can no longer address, while the same profile can still read the accepted probe submission. Can Apple confirm what happened to these submission IDs, and whether I should wait, resubmit, or change packaging? Thank you.
1
0
189
1w
First-time notarization stuck "In Progress" for 48+ hours (new Developer Program account)
Hello, I recently enrolled in the Apple Developer Program (Program License Agreement accepted 2026-07-03) and this is my first-ever notarization. All submissions have been stuck at status "In Progress" for over 48 hours and never reach Accepted or Invalid. "xcrun notarytool log" returns "Submission log is not yet available". I have verified everything on my side is correct: Signed with Developer ID Application (Team ID AXGBW2496Q) Hardened runtime enabled (flags=0x10000 runtime) Secure timestamp present codesign --verify --deep --strict passes ("satisfies its Designated Requirement") No get-task-allow entitlement notarytool credentials validate successfully All account agreements are accepted; none pending Could you please look into why these submissions are not completing? Team ID: AXGBW2496Q Submission IDs (all stuck In Progress): 3667a654-bd7e-40a9-927c-c919875aaf61 ffd1fcbf-ebf4-47cb-9a15-29731f973a86 98082a85-19d4-4efe-8119-36400dd1560c The app is a small (~360 KB) macOS utility. Thank you for any help.
1
0
162
1w
Notarization submissions stuck in "In Progress" for over 24 hours (Developer ID)
Hi Apple Developer Support, My Developer ID notarization submissions are stuck in “In Progress” for over 24 hours with no terminal state. Team ID: KYM5Q9Y394 Stuck submissions: e3bedb66-3821-4737-8e9c-c1620e06ffea (2026-06-30T10:54:50.954Z) 5127868d-1953-4ab1-9be7-f26fc14804d9 (2026-06-30T10:45:54.870Z) 830069c1-037f-4bd8-a79a-0f445839603c (2026-06-30T10:38:54.060Z) All were uploaded via notarytool and remain “In Progress”. Codesign verification passes locally, and earlier submissions were accepted (e.g. 6e1617c3-b612-4fce-9165-286c71dce56d). Could you please check whether these submissions are stuck in backend processing and advise next steps? Thank you.
4
0
330
2w
Notarization submissions stuck in "In Progress" for 7+ hours (new account, System Status green, all accepted)
Hi — I'm trying to notarize a Developer ID–signed macOS app (a small menu-bar .dmg, ~1.4 MB) and every submission has been stuck at status: In Progress for 7+ hours without ever reaching Accepted or Invalid. The Developer System Status page shows the Notary Service as green/operational. This is a recently enrolled account (Individual) and these are its first notarization submissions, so I suspect a first-time-on-new-account hang, but wanted to get it looked at. Team ID: C4GLRN98Q7 Submission IDs (all still In Progress): a206d94b-c0e7-4901-a35e-daaf69c8ec65 — created 2026-06-25 19:02 UTC (oldest, ~7h+) 71d08fb3-0ae0-413a-8004-e3fb99721403 — 2026-06-25 19:32 UTC a6687302-d7b2-43be-8098-1442f0b1d4ab — 2026-06-25 19:45 UTC a8428002-0cd0-4d46-bc6d-8e95b9df409b — 2026-06-25 19:58 UTC cb8602bf-386e-4d98-9d1a-ad7e5308e629 — 2026-06-26 02:16 UTC (newest) What I'm doing: Signing with codesign --options runtime --timestamp using a Developer ID Application cert, then submitting the .dmg with xcrun notarytool submit … --keychain-profile … --wait. codesign --verify --strict passes locally. xcrun notarytool info returns valid submission metadata, just perpetually In Progress. The very first --wait died on a local network drop, but the submission had already uploaded 100% and kept processing server-side; I have not been spamming — the repeats above were a handful of retries before I realized they were all hanging. I've stopped submitting new ones. Could someone check why these submissions aren't completing? Happy to provide a notarytool log once any of them finishes. Thanks!
1
0
303
2w
Notarisation stuck "In Progress" 15h on a new Developer ID cert — even a hello-world is stuck (same pattern as the recent multi-day threads?)
I'm hitting what looks like the same service-side notarisation issue reported recently (e.g. the "submissions stuck In Progress for days" thread / FB22939442), and would appreciate having my submissions looked at on the backend. Since 2026-06-25 ~12:00 UTC, every notarytool submission from my team goes to "In Progress" and never reaches a terminal state — no Accepted, no Invalid, no log (Submission log is not yet available, though info resolves the ID fine). The oldest is ~15 hours. Signing checks out: codesign --verify --strict passes and satisfies the Designated Requirement, hardened runtime with a secure timestamp, no get-task-allow, Developer ID Application. My builds notarised normally yesterday (e.g. 1ad9878b, Accepted 2026-06-24) — but those were on my previous Developer ID certificate. That cert's private key was lost (orphaned login keychain after a reboot), so I re-issued the Developer ID cert on 2026-06-25, and every submission on the new cert has been stuck since. Key data point: a trivial 5.8 KB signed "hello world" CLI binary (8c138308 below) also hangs "In Progress", so this is account/team-level, not app content. This lines up with the new-Developer-ID evaluation described in the Notarisation Resources Q&A, but several of mine are now past the usual window. Team: Creative Machines Limited (V95N2B8X7A) Feedback: FB23407538 Stuck submission UUIDs (oldest first): ef4af6d3-5750-4213-a108-584c75a861cc – 2026-06-25 ~11:59 UTC (oldest) 2d435abc-af77-4447-b2c8-94572b723f34 404a7d9d-9713-42df-99b6-1f144bc27ba1 8c138308-f23f-4df1-85f9-29095587f42b – the 5.8 KB hello-world This is the only blocker before I can distribute. Is there any way to get these specific IDs cross-referenced against the notary backend queue? Happy to share signed artifacts or the full notarytool poll log. Environment: macOS 26.4.1 (25E253), Xcode 26.5, notarytool 1.1.2 (41).
1
0
323
3w
Code Signing and Notarizing Open-Source unsigned binaries
Hi, I am trying to build an installer package of an usual(?) format: it contains a binary that I am developing code signing and notarization is straightforward here. it contains a 3rd-party binary that is open source, code signed and notarized by this third party code signing and notarization is also straightforward here as it's already been done. it also contains a 3rd-party binary that is also open source, however, it is not code signed or notarized This last one is the subject of my question. It is a well-established project with thousands of stars on GitHub, however their own "installation method" is a shell script that downloads the binary, checks its checksum and just places it in the right location. When building an installer package (it's an installer package of these three binaries packaged - productbuild with --distribution flag) this binary needs to be code signed and notarized for Developer ID distribution. I trust this binary, however the chance of supply chain attacks is never zero. My questions are: How can I shield myself best against accidentally submitting a malicious version of this third binary via notarytool to Apple? Should I separately submit versions of this binary for notarization from submitting new versions of my app? This binary is bound to change way less frequently than the app I'm actually developing. I really don't want to risk termination of my Apple Developer account because it has many high-value applications available. I am doing some basics - matching the intended checksum before packaging, signing with the hardened runtime entitlement - but I would love to hear if there's other steps I can do to protect this pipeline and my company from accidents like these that may unintentionally damage our reputation. Thanks in advance!
4
1
337
3w
First-time notarization stuck "In Progress" for over 24 hours — small Premiere Pro plugin (.pkg)
Hello, I submitted a .pkg installer for notarization on 2026-06-23 at 05:26 UTC, and more than 24 hours later the status is still In Progress. This is the first time I notarize this particular software — a small, lightweight Adobe Premiere Pro plugin — so I have no previous turnaround time to compare against. From what I understand, notarization usually completes within minutes to an hour, so a delay of this length feels abnormal and I'm not sure whether it's expected. Submission details Submission ID: 28b6be07-6bf0-4456-b6f1-6c2f7da27409 Submitted (UTC): 2026-06-23 05:26:37 Tool: xcrun notarytool (authenticated via a stored keychain profile) Package: .pkg installer for a small Premiere Pro plugin Status: In Progress (never moves past this state) The build was submitted successfully with no error and returned a valid submission ID. Running notarytool log does not yet return a log, since processing hasn't completed. Questions Is there currently a known notarization backlog or service delay on Apple's side? Can a first-time submission for a given product take noticeably longer than usual (e.g. an initial review)? What is a realistic maximum processing time before a submission should be considered stuck rather than simply slow? Should I wait, or cancel and resubmit? I'd rather not create duplicate submissions if it won't help. Thanks in advance for any guidance. Best regards, Robin
1
0
290
3w
Developer ID notarization stuck "In Progress" for 24+ hours, logs unavailable
Subject: Developer ID Notarization submissions stuck in “In Progress” for over 24 hours Developer Team ID: R6KKTZV8SL Environment: macOS 26.2 (Build 25C56) notarytool version: 1.0.0 (38) I am unable to complete notarization of any submissions. Affected submission IDs: 53fb3f5e-45e1-4435-9b46-6420d3fc1c98 Created: 2026-06-22T17:17:47.385Z Status: In Progress 37e99554-376f-419f-8648-cf8ba39ea1ff Created: 2026-06-22T18:13:35.034Z Status: In Progress 0af4a2be-aa8d-4bed-ab0b-173bd1b62538 Created: 2026-06-23T02:29:35.134Z Status: In Progress To rule out issues with my application bundle, I also submitted a minimal test archive (test.zip). That submission is also stuck in “In Progress”. The issue affects every notarization submission I have attempted. Commands used: xcrun notarytool submit … xcrun notarytool history –keychain-profile breather-notary xcrun notarytool info –keychain-profile breather-notary The submissions appear in history and info and remain in “In Progress”. Additionally, attempting to retrieve logs returns: “Submission log is not yet available or submissionId does not exist” Could you please investigate whether there is an issue with notarization processing for my team/account or a backend service issue affecting these submissions?
1
0
270
3w
Notarytool stuck at "In Progress"
I've been trying to notarize an installer (.pkg file) on a new laptop. Previous versions have been notarized successfully on a previous Mac. However, in spite of having the required certificates (same as the old Mac, generated for the new Mac) the submission gets stuck at "In Progress". Doing it multiple times (even hours apart) doesn't help. Is there a FAQ / suggested list of steps to help resolve this issue? Here's what I see: xcrun notarytool history --keychain-profile "(my profile name)" results in (problem started with v4, the first version I've tried on this new Mac): createdDate: 2023-10-17T01:34:36.911Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v4.pkg status: In Progress -------------------------------------------------- createdDate: 2023-10-17T01:33:59.191Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v4.pkg status: In Progress -------------------------------------------------- createdDate: 2023-10-16T21:01:25.832Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v4.pkg status: In Progress -------------------------------------------------- createdDate: 2023-10-16T19:57:44.776Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v4.pkg status: In Progress -------------------------------------------------- createdDate: 2023-10-02T14:17:34.108Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v3.pkg status: Accepted -------------------------------------------------- createdDate: 2023-09-28T14:04:46.211Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v2.pkg status: Accepted -------------------------------------------------- createdDate: 2023-09-20T17:28:46.168Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v1.pkg status: Accepted -------------------------------------------------- xcrun notarytool log xxxxxxxxxxxxxxxxxxxx --keychain-profile "(my profile name)" results in: Submission log is not yet available or submissionId does not exist id: xxxxxxxxxxxxxxxxxxxxxxxx
37
4
11k
3w
26.5.1 does not ask my notarized app for mic permission
My app runs as expected when debugging, trigging the MacOS to ask the user for permission to use the microphone. The notarized version of the app does not have the MacOS asking for user permission but the app gets the message 'User rejected permission'. I'm seeing this after upgrading to 26.5.1 and so is one of my users. What changed in getting microphone permission?
1
0
378
4w
Notarisation Resources
General: Forums topic: Code Signing Forums subtopic: Code Signing > Notarization Forums tag: Notarization WWDC 2018 Session 702 Your Apps and the Future of macOS Security WWDC 2019 Session 703 All About Notarization WWDC 2021 Session 10261 Faster and simpler notarization for Mac apps WWDC 2022 Session 10109 What’s new in notarization for Mac apps — Amongst other things, this introduced the Notary REST API Notarizing macOS Software Before Distribution documentation Customizing the Notarization Workflow documentation Resolving Common Notarization Issues documentation Notary REST API documentation TN3147 Migrating to the latest notarization tool technote Fetching the Notary Log forums post Q&A with the Mac notary service team Developer > News post Apple notary service update Developer > News post Notarisation and the macOS 10.9 SDK forums post Testing a Notarised Product forums post Notarisation Fundamentals forums post The Pros and Cons of Stapling forums post Resolving Error 65 When Stapling forums post If your notary requests are stuck in the In Progress state, see my reply here. If your notary requests are failing with Team is not yet configured for notarization, see my reply here and also the follow-up here. Many notarisation issues are actually code signing or trusted execution issue. For more on those topics, see Code Signing Resources and Trusted Execution Resources. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"
Replies
0
Boosts
0
Views
5.6k
Activity
3w
Every notarization submission Rejected with status 7000 "Team is not yet configured for notarization" for 2 months — support cannot resolve (Team T24AV8CUXS)
Our organization team has been unable to notarize anything for two months. Every submission is Rejected with statusCode 7000, and Developer Support has not been able to resolve it across two cases and eight contacts. We are stuck and cannot distribute our app. Facts: Team: CopVPN, Inc. — Team ID T24AV8CUXS (organization membership, paid and active, all program agreements accepted by the Account Holder) Developer ID Application and Developer ID Installer certificates are issued and work: our signed .pkg builds and verifies cleanly with codesign/pkgutil Every notarytool submission since 15 May 2026 is Rejected with statusCode 7000. The log shows "issues": null — there is nothing wrong with the package; the team itself has never been enabled for the notary service. Latest submission log (verbatim): { "logFormatVersion": 1, "jobId": "a881050a-19b3-4ea6-a068-18b7d68996d7", "status": "Rejected", "statusSummary": "Team is not yet configured for notarization. Please contact Developer Programs Support at developer.apple.com under the topic Development and Technical / Other Development or Technical Questions.", "statusCode": 7000, "archiveFilename": "CopVPN-3.5.0.pkg", "uploadDate": "2026-07-15T19:30:28.363Z", "sha256": "00ca96e23b69e013b3f27d2244f0e9f9e506e6c8aa2da1b91c34a5f584f27fb9", "ticketContents": null, "issues": null } Submission history (all Rejected, all statusCode 7000): 2026-05-15: c200b3bc-c47e-4524-9a33-5e36594ddd10, 760668b2-cceb-4a23-b820-027c7980b05a, e0115047-d1a1-4598-83b5-60f31cbbf12c, fe35a8fa-dc74-4e0c-8204-69bcea7a12a1 (CopVPN-3.3.3.pkg) 2026-05-27: 6defc76d-8a9a-458f-94f7-e6967a435ec2, 6df6fc0b-177d-4975-bbaf-c357991a4361 (CopVPN-3.3.3.pkg) 2026-07-13: 828d85c2-0419-48a9-a897-e95638ce10f3 (CopVPN-3.5.0.pkg) 2026-07-15: a881050a-19b3-4ea6-a068-18b7d68996d7 (CopVPN-3.5.0.pkg) Support history — two cases, both phone and email, including exactly the topic named in the error message: Case 102893198830 (Membership and Account / Developer Team Management): email May 18, call May 21, email Jun 2, email Jun 18, call Jul 13, call Jul 14 (all 2026) Case 102901823867 (Development and Technical / Other Development or Technical Questions): emails May 28 and May 29, 2026 Every contact ends the same way: the team is still not configured, and we are told to wait. Nothing has changed in two months. Also filed as Feedback Assistant report. Environment: notarytool 1.1.2 (41), macOS 26.5.2. Ask: could someone from Apple please escalate this to the notary service / Developer ID operations team so that Team T24AV8CUXS is configured for notarization? This is a pure account-provisioning flag; the support loop has not reached whoever can flip it. Happy to provide any further details here or in the FB report.
Replies
2
Boosts
0
Views
69
Activity
1d
Notary service: submissions stuck "In Progress" for days, never completing
I'm hitting what looks like a service-side notarization problem and could use a pointer on how to get it escalated. Over the past 3 days I've submitted 9 times with notarytool. Only 2 came back Accepted. The other 7 are stuck at "In Progress" and never reach a terminal state, no Accepted, no Invalid, no log (notarytool log says it isn't available yet), and no email. The oldest has been sitting ~71 hours. Signing checks out: codesign --verify --deep --strict passes and satisfies the Designated Requirement, hardened runtime with a secure timestamp, no get-task-allow, signed with my Developer ID, and the DMGs are signed before submission. The 2 submissions that completed were Accepted, so credentials and signing are fine. It really looks like the service just isn't processing most of my submissions. This is a newly enrolled account, and I've filed FB22939442 and have an open Developer Support case. Is this a known issue for new accounts, and is there a way to get these submissions looked at? Environment: macOS 26.2, Xcode 26.5, notarytool 1.1.2 (41).
Replies
18
Boosts
3
Views
1.1k
Activity
2d
Developer ID notarization submissions stuck In Progress after app transfer
I’m seeing several Developer ID notarization submissions stuck in “In Progress” after an app transfer. This is for a macOS app distributed outside the Mac App Store. The app was recently transferred to a new Apple Developer team. After the transfer, notarization uploads succeed, but the submissions never complete. The app appears to be Developer ID signed correctly with the new team. I submitted the app through both Xcode Direct Distribution and command-line notarytool. The upload succeeds, but the submissions remain in “In Progress”, and no notarization log is available. Example submission IDs: 5e411dc6-0610-4f9c-8eef-e2a3d0b6a2fb 01bdeeda-3c7e-421a-ae72-6dc081b75e79 986b0c5e-e32f-489f-bc86-3b3c7d7ec91d 193f29b7-b23a-40e7-8324-c076859ca843 notarytool log returns: Submission log is not yet available or submissionId does not exist I also see older submissions from the previous day still stuck in “In Progress”, so this does not look like a normal notarization delay. I’m trying to determine whether this is caused by the recent app transfer / Team ID change, or whether there is anything else I can check locally. Questions: Is it expected for Developer ID notarization jobs to remain “In Progress” for more than a day with no log available? Is there any known issue with Developer ID notarization after an app transfer? If the upload succeeds but no log is ever generated, is there a recommended escalation path for stuck notarization backend jobs?
Replies
3
Boosts
0
Views
907
Activity
5d
statusCode 7000 "Team is not yet configured for notarization" — persistent for 2 months, Developer Support stalled
I'm hitting a persistent notarization failure for a new organization team and I've exhausted the Developer Support route (case 102898059793, open since early June with no state change), so I'm hoping someone here can help me understand what statusCode 7000 actually requires. Setup: Team: H4N8Z7K4S4 (SmashMelon LLC, US organization, enrolled May 1, 2026; I'm the Account Holder) App: macOS app, Developer ID direct distribution, hardened runtime, secure timestamp; codesign --verify --deep --strict passes locally The same team ships iOS updates via App Store Connect with no problems Latest Program License Agreement accepted (June 20, 2026) Every notarization submission since May 19 — via both Xcode Organizer and notarytool — is rejected with the identical log: "status": "Rejected", "statusSummary": "Team is not yet configured for notarization. Please contact Developer Programs Support...", "statusCode": 7000, "issues": null Recent submission IDs, should anyone at Apple want to look them up: 7ec8ec66-ab23-46e3-996f-22ff9f463593 (June 15) f7546486-255e-484c-a08f-dd6a2df391df (June 17) 56754783-3436-4142-84a4-d8cbfe400fc1 (June 23) 79f3a014-812f-4cca-969c-e41a432c24fe (July 6) issues:null on every log suggests the binary is never scored at all — the rejection happens at a team-level gate. One possibly-relevant observation: the Certificates section of the developer portal (and the App Store Connect API) lists no certificate of any kind for this team — signing happens via Xcode's cloud-managed signing. So the error's literal wording may be accurate: the team's Developer ID configuration may genuinely never have been provisioned. Notably, Apple's cloud signing service happily issues Developer ID signatures for this team — it's only the notary service that refuses it. The two systems appear to disagree about whether this team is provisioned. Developer Support requested identity and company verification (passport, formation documents, IRS 147-C, etc.), which I uploaded via their secure link on June 15. Since then, three more submissions have been rejected with the unchanged 7000 result, and the case status has been "still under investigation" for four straight weeks. Questions: What does statusCode 7000 actually gate on? Is there anything an Account Holder can do from the portal side, or is this purely an internal provisioning flag? Is there a way to get this escalated to whoever owns team provisioning? Two months without the ability to ship a bug-fix build to direct-distribution users is getting hard to absorb. Happy to provide any additional detail. Thanks!
Replies
1
Boosts
0
Views
89
Activity
5d
New team stuck at statusCode 7000 "Team is not yet configured for notarization"
I'm trying to notarize a macOS app under my individual team, WPJCQG3698. I enrolled in the Apple Developer Program in June 2026. Membership is active, all agreements are accepted, and the Developer ID Application certificate is valid. All 12 notarytool submissions since June 20 have failed the same way: statusCode: 7000 statusSummary: Team is not yet configured for notarization issues: null I'm authenticating with an App Store Connect team API key. Authentication and upload succeed every time, then the submission gets rejected in under a minute. As a control I copied /bin/ls, signed the copy with the same certificate, and submitted that. Same error, so it doesn't look app-specific. The latest submission is 03369f51-9929-4ec1-8940-e488cf1d00a7, uploaded 2026-07-10T08:30Z. Developer Programs Support case 102922992178 has been open since June 23 and was escalated to engineering on July 7. I retried today and nothing changed. This has been blocking our macOS release for three weeks now and I'm out of things to check on my side. Have I missed an account-side step, or is this something only Developer Programs Support can fix for the team?
Replies
1
Boosts
0
Views
120
Activity
5d
statusCode 7000 "Team is not yet configured for notarization" — 15+ days, cases open, no resolution
All notarization submissions for our team are Rejected with statusCode 7000: "Team is not yet configured for notarization." Team ID: LAC4584ST7 Account type: Organization (NextGen Digital FZCO) Membership: active — two apps already live on the App Store under this same team This is our first Developer ID (non-App Store) app. We have contacted Developer Programs Support under Development and Technical / Other Development or Technical Questions (as the 7000 error message instructs). Open cases: 102922996437, 102935309284, 102937482501. So far only automated acknowledgments — no engineering resolution after 15+ days. I understand this is an account-provisioning issue only Developer Programs Support engineering can resolve, not DTS. Posting here in case another affected developer has found what finally unblocked it, and to flag how long this has been stuck. Any guidance on the expected timeline, or anything on our side that could be blocking provisioning, would be appreciated.
Replies
1
Boosts
0
Views
69
Activity
1w
Developer ID Application cert rejected by notarytool for kext ("not signed with a valid Developer ID certificate") — still required in 2026?
Hi all, Working on a personal-use kernel extension (not for distribution, just my own Mac) and hitting a wall between Reduced Security and notarization. A lot of existing threads on this are from 2018–2022, so hoping someone can confirm what's still current. Setup: Apple Silicon, macOS 27 (Golden Gate beta) Boot Security Policy: Reduced Security with "Allow user management of kernel extensions from identified developers" enabled (confirmed via bputil -d) Standard $99/year Developer Program membership Kext signed with a standard Developer ID Application cert (via normal CSR through Keychain Access) What happened: codesign -dvvv shows a clean signature — valid Authority chain, correct TeamIdentifier, timestamped. No issues. But kmutil load -p rejects it: Authenticating extension failed: Bad code signature I understood from an older DTS reply that notarization was the missing piece, so I ran it through notarytool. Upload/auth succeeded, but the result came back Invalid: { "severity": "error", "message": "The binary is not signed with a valid Developer ID certificate.", "architecture": "arm64e" } Question: Is a standard Developer ID Application cert genuinely insufficient for kext notarization, and is the kext-signing entitlement (via /contact/kext/) still the only way to get a cert with the right extension (OID 1.2.840.113635.100.6.1.18)? Or has this changed for personal use recently? Apple's own Contact page for that form says: "You don't need to request a certificate to sign your kernel extension for personal use... signature checking can be disabled as described in the SIP Guide." That implies Reduced Security + personal kext shouldn't need the special cert — but my results suggest otherwise. Am I missing a step, or is there a documentation gap? Happy to share kmutil print-diagnostics output if useful. Thanks!
Replies
2
Boosts
0
Views
167
Activity
1w
statusCode 7000 "Team is not yet configured for notarization" — persists 10+ days, team 5JDP238JFX
Every notarytool submit from my team is rejected with: "status": "Rejected", "statusSummary": "Team is not yet configured for notarization. Please contact Developer Programs Support…", "statusCode": 7000 This has persisted for 10+ days across many submissions (most recent job ID 00042820-f5d8-4c6b-a178-9b98d247170d, 2026-07-09). I distribute a macOS app outside the Mac App Store via Developer ID, so there is intentionally no App Store Connect app record. Everything on my side is verified correct: Apple Developer Program membership is active (Individual), team ID 5JDP238JFX. Valid Developer ID Application certificate; codesign --verify --strict passes with hardened runtime + secure timestamp; the signature chains cleanly to Apple Root CA. notarytool authenticates successfully — notarytool history returns my submission list — so credentials and team are correct; only notarization eligibility appears not to be enabled. I've signed in as Account Holder and see no pending agreements to accept. (← edit this line to match what you actually find — see note below.) My trader information was recently approved (received Apple's confirmation email). I've filed a Developer Program Support request but have had no response in over a week. The statusSummary reads like a team-level provisioning flag that hasn't been enabled. Ask: Can a DTS/forums engineer help get the notary service provisioned/enabled for team 5JDP238JFX, or point me to what account-side step is still outstanding? Happy to provide additional submission IDs or logs.
Replies
1
Boosts
0
Views
155
Activity
1w
Notarization submissions disappeared from history; signed DMG still unnotarized
Hello Apple Developer Support, I need help with several macOS notarization submissions for my app "Dollar Desktop Pet" 1.0.0. Team ID: Q7FF775479 Developer ID: Developer ID Application: JUNSEN LIU (Q7FF775479) Bundle ID: com.dollar.desktoppet App type: Universal Electron macOS app, Developer ID signed, hardened runtime enabled Update as of 2026-07-05T21:23Z: The same keychain profile still works for a control/probe submission: 626063b7-643e-4b3d-aeb0-430532fa4ca9 Name: DollarNotaryProbe.zip Created: 2026-07-01T04:58:19.608Z Status: Accepted However, xcrun notarytool history --keychain-profile dollar-notary now only returns that probe submission. It no longer lists any Dollar Desktop Pet submissions. When queried directly, these Dollar submission IDs now return: "Submission does not exist or does not belong to your team." Affected submission IDs: 4e3c96b2-19fc-4b8b-844e-c95ca9242f11 Signed DMG submitted 2026-07-04T02:31:10.690Z 26f558b5-ea70-4196-8923-a77beb9fdc70 App-only ZIP submitted 2026-07-04T02:39:21.525Z f36faef2-14b8-4edb-b7e5-5db1bd3e1e17 Older DMG submitted 2026-06-26T22:28:21.305Z Local verification: The signed DMG verifies locally with Developer ID and timestamp. The app bundle verifies with: codesign --verify --deep --strict --verbose=4 The app is universal, hardened runtime, and uses Electron-standard entitlements. The local signed DMG still has no stapled ticket. Gatekeeper still rejects it only as: source=Unnotarized Developer ID origin=Developer ID Application: JUNSEN LIU (Q7FF775479) This is not an Accepted or Invalid result. It looks like the Dollar submissions either disappeared from the team view or are in a backend state that notarytool can no longer address, while the same profile can still read the accepted probe submission. Can Apple confirm what happened to these submission IDs, and whether I should wait, resubmit, or change packaging? Thank you.
Replies
1
Boosts
0
Views
189
Activity
1w
First-time notarization stuck "In Progress" for 48+ hours (new Developer Program account)
Hello, I recently enrolled in the Apple Developer Program (Program License Agreement accepted 2026-07-03) and this is my first-ever notarization. All submissions have been stuck at status "In Progress" for over 48 hours and never reach Accepted or Invalid. "xcrun notarytool log" returns "Submission log is not yet available". I have verified everything on my side is correct: Signed with Developer ID Application (Team ID AXGBW2496Q) Hardened runtime enabled (flags=0x10000 runtime) Secure timestamp present codesign --verify --deep --strict passes ("satisfies its Designated Requirement") No get-task-allow entitlement notarytool credentials validate successfully All account agreements are accepted; none pending Could you please look into why these submissions are not completing? Team ID: AXGBW2496Q Submission IDs (all stuck In Progress): 3667a654-bd7e-40a9-927c-c919875aaf61 ffd1fcbf-ebf4-47cb-9a15-29731f973a86 98082a85-19d4-4efe-8119-36400dd1560c The app is a small (~360 KB) macOS utility. Thank you for any help.
Replies
1
Boosts
0
Views
162
Activity
1w
Notarization submissions stuck in "In Progress" for over 24 hours (Developer ID)
Hi Apple Developer Support, My Developer ID notarization submissions are stuck in “In Progress” for over 24 hours with no terminal state. Team ID: KYM5Q9Y394 Stuck submissions: e3bedb66-3821-4737-8e9c-c1620e06ffea (2026-06-30T10:54:50.954Z) 5127868d-1953-4ab1-9be7-f26fc14804d9 (2026-06-30T10:45:54.870Z) 830069c1-037f-4bd8-a79a-0f445839603c (2026-06-30T10:38:54.060Z) All were uploaded via notarytool and remain “In Progress”. Codesign verification passes locally, and earlier submissions were accepted (e.g. 6e1617c3-b612-4fce-9165-286c71dce56d). Could you please check whether these submissions are stuck in backend processing and advise next steps? Thank you.
Replies
4
Boosts
0
Views
330
Activity
2w
Notarization submissions stuck in "In Progress" for 7+ hours (new account, System Status green, all accepted)
Hi — I'm trying to notarize a Developer ID–signed macOS app (a small menu-bar .dmg, ~1.4 MB) and every submission has been stuck at status: In Progress for 7+ hours without ever reaching Accepted or Invalid. The Developer System Status page shows the Notary Service as green/operational. This is a recently enrolled account (Individual) and these are its first notarization submissions, so I suspect a first-time-on-new-account hang, but wanted to get it looked at. Team ID: C4GLRN98Q7 Submission IDs (all still In Progress): a206d94b-c0e7-4901-a35e-daaf69c8ec65 — created 2026-06-25 19:02 UTC (oldest, ~7h+) 71d08fb3-0ae0-413a-8004-e3fb99721403 — 2026-06-25 19:32 UTC a6687302-d7b2-43be-8098-1442f0b1d4ab — 2026-06-25 19:45 UTC a8428002-0cd0-4d46-bc6d-8e95b9df409b — 2026-06-25 19:58 UTC cb8602bf-386e-4d98-9d1a-ad7e5308e629 — 2026-06-26 02:16 UTC (newest) What I'm doing: Signing with codesign --options runtime --timestamp using a Developer ID Application cert, then submitting the .dmg with xcrun notarytool submit … --keychain-profile … --wait. codesign --verify --strict passes locally. xcrun notarytool info returns valid submission metadata, just perpetually In Progress. The very first --wait died on a local network drop, but the submission had already uploaded 100% and kept processing server-side; I have not been spamming — the repeats above were a handful of retries before I realized they were all hanging. I've stopped submitting new ones. Could someone check why these submissions aren't completing? Happy to provide a notarytool log once any of them finishes. Thanks!
Replies
1
Boosts
0
Views
303
Activity
2w
Notarisation stuck "In Progress" 15h on a new Developer ID cert — even a hello-world is stuck (same pattern as the recent multi-day threads?)
I'm hitting what looks like the same service-side notarisation issue reported recently (e.g. the "submissions stuck In Progress for days" thread / FB22939442), and would appreciate having my submissions looked at on the backend. Since 2026-06-25 ~12:00 UTC, every notarytool submission from my team goes to "In Progress" and never reaches a terminal state — no Accepted, no Invalid, no log (Submission log is not yet available, though info resolves the ID fine). The oldest is ~15 hours. Signing checks out: codesign --verify --strict passes and satisfies the Designated Requirement, hardened runtime with a secure timestamp, no get-task-allow, Developer ID Application. My builds notarised normally yesterday (e.g. 1ad9878b, Accepted 2026-06-24) — but those were on my previous Developer ID certificate. That cert's private key was lost (orphaned login keychain after a reboot), so I re-issued the Developer ID cert on 2026-06-25, and every submission on the new cert has been stuck since. Key data point: a trivial 5.8 KB signed "hello world" CLI binary (8c138308 below) also hangs "In Progress", so this is account/team-level, not app content. This lines up with the new-Developer-ID evaluation described in the Notarisation Resources Q&A, but several of mine are now past the usual window. Team: Creative Machines Limited (V95N2B8X7A) Feedback: FB23407538 Stuck submission UUIDs (oldest first): ef4af6d3-5750-4213-a108-584c75a861cc – 2026-06-25 ~11:59 UTC (oldest) 2d435abc-af77-4447-b2c8-94572b723f34 404a7d9d-9713-42df-99b6-1f144bc27ba1 8c138308-f23f-4df1-85f9-29095587f42b – the 5.8 KB hello-world This is the only blocker before I can distribute. Is there any way to get these specific IDs cross-referenced against the notary backend queue? Happy to share signed artifacts or the full notarytool poll log. Environment: macOS 26.4.1 (25E253), Xcode 26.5, notarytool 1.1.2 (41).
Replies
1
Boosts
0
Views
323
Activity
3w
Code Signing and Notarizing Open-Source unsigned binaries
Hi, I am trying to build an installer package of an usual(?) format: it contains a binary that I am developing code signing and notarization is straightforward here. it contains a 3rd-party binary that is open source, code signed and notarized by this third party code signing and notarization is also straightforward here as it's already been done. it also contains a 3rd-party binary that is also open source, however, it is not code signed or notarized This last one is the subject of my question. It is a well-established project with thousands of stars on GitHub, however their own "installation method" is a shell script that downloads the binary, checks its checksum and just places it in the right location. When building an installer package (it's an installer package of these three binaries packaged - productbuild with --distribution flag) this binary needs to be code signed and notarized for Developer ID distribution. I trust this binary, however the chance of supply chain attacks is never zero. My questions are: How can I shield myself best against accidentally submitting a malicious version of this third binary via notarytool to Apple? Should I separately submit versions of this binary for notarization from submitting new versions of my app? This binary is bound to change way less frequently than the app I'm actually developing. I really don't want to risk termination of my Apple Developer account because it has many high-value applications available. I am doing some basics - matching the intended checksum before packaging, signing with the hardened runtime entitlement - but I would love to hear if there's other steps I can do to protect this pipeline and my company from accidents like these that may unintentionally damage our reputation. Thanks in advance!
Replies
4
Boosts
1
Views
337
Activity
3w
First-time notarization stuck "In Progress" for over 24 hours — small Premiere Pro plugin (.pkg)
Hello, I submitted a .pkg installer for notarization on 2026-06-23 at 05:26 UTC, and more than 24 hours later the status is still In Progress. This is the first time I notarize this particular software — a small, lightweight Adobe Premiere Pro plugin — so I have no previous turnaround time to compare against. From what I understand, notarization usually completes within minutes to an hour, so a delay of this length feels abnormal and I'm not sure whether it's expected. Submission details Submission ID: 28b6be07-6bf0-4456-b6f1-6c2f7da27409 Submitted (UTC): 2026-06-23 05:26:37 Tool: xcrun notarytool (authenticated via a stored keychain profile) Package: .pkg installer for a small Premiere Pro plugin Status: In Progress (never moves past this state) The build was submitted successfully with no error and returned a valid submission ID. Running notarytool log does not yet return a log, since processing hasn't completed. Questions Is there currently a known notarization backlog or service delay on Apple's side? Can a first-time submission for a given product take noticeably longer than usual (e.g. an initial review)? What is a realistic maximum processing time before a submission should be considered stuck rather than simply slow? Should I wait, or cancel and resubmit? I'd rather not create duplicate submissions if it won't help. Thanks in advance for any guidance. Best regards, Robin
Replies
1
Boosts
0
Views
290
Activity
3w
Developer ID notarization stuck "In Progress" for 24+ hours, logs unavailable
Subject: Developer ID Notarization submissions stuck in “In Progress” for over 24 hours Developer Team ID: R6KKTZV8SL Environment: macOS 26.2 (Build 25C56) notarytool version: 1.0.0 (38) I am unable to complete notarization of any submissions. Affected submission IDs: 53fb3f5e-45e1-4435-9b46-6420d3fc1c98 Created: 2026-06-22T17:17:47.385Z Status: In Progress 37e99554-376f-419f-8648-cf8ba39ea1ff Created: 2026-06-22T18:13:35.034Z Status: In Progress 0af4a2be-aa8d-4bed-ab0b-173bd1b62538 Created: 2026-06-23T02:29:35.134Z Status: In Progress To rule out issues with my application bundle, I also submitted a minimal test archive (test.zip). That submission is also stuck in “In Progress”. The issue affects every notarization submission I have attempted. Commands used: xcrun notarytool submit … xcrun notarytool history –keychain-profile breather-notary xcrun notarytool info –keychain-profile breather-notary The submissions appear in history and info and remain in “In Progress”. Additionally, attempting to retrieve logs returns: “Submission log is not yet available or submissionId does not exist” Could you please investigate whether there is an issue with notarization processing for my team/account or a backend service issue affecting these submissions?
Replies
1
Boosts
0
Views
270
Activity
3w
First-time notarization stuck
First-time notarization stuck 'In Progress' ~12h and appears to be blocking my account's queue. Submission ID: dc257767-a693-4382-88db-8ecf82994a0b Team ID: 83B3GJVFAS
Replies
1
Boosts
0
Views
292
Activity
3w
Notarytool stuck at "In Progress"
I've been trying to notarize an installer (.pkg file) on a new laptop. Previous versions have been notarized successfully on a previous Mac. However, in spite of having the required certificates (same as the old Mac, generated for the new Mac) the submission gets stuck at "In Progress". Doing it multiple times (even hours apart) doesn't help. Is there a FAQ / suggested list of steps to help resolve this issue? Here's what I see: xcrun notarytool history --keychain-profile "(my profile name)" results in (problem started with v4, the first version I've tried on this new Mac): createdDate: 2023-10-17T01:34:36.911Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v4.pkg status: In Progress -------------------------------------------------- createdDate: 2023-10-17T01:33:59.191Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v4.pkg status: In Progress -------------------------------------------------- createdDate: 2023-10-16T21:01:25.832Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v4.pkg status: In Progress -------------------------------------------------- createdDate: 2023-10-16T19:57:44.776Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v4.pkg status: In Progress -------------------------------------------------- createdDate: 2023-10-02T14:17:34.108Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v3.pkg status: Accepted -------------------------------------------------- createdDate: 2023-09-28T14:04:46.211Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v2.pkg status: Accepted -------------------------------------------------- createdDate: 2023-09-20T17:28:46.168Z id: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name: xxxxxxxxxx-v1.pkg status: Accepted -------------------------------------------------- xcrun notarytool log xxxxxxxxxxxxxxxxxxxx --keychain-profile "(my profile name)" results in: Submission log is not yet available or submissionId does not exist id: xxxxxxxxxxxxxxxxxxxxxxxx
Replies
37
Boosts
4
Views
11k
Activity
3w
26.5.1 does not ask my notarized app for mic permission
My app runs as expected when debugging, trigging the MacOS to ask the user for permission to use the microphone. The notarized version of the app does not have the MacOS asking for user permission but the app gets the message 'User rejected permission'. I'm seeing this after upgrading to 26.5.1 and so is one of my users. What changed in getting microphone permission?
Replies
1
Boosts
0
Views
378
Activity
4w