Hi,
I developed a JavaFX application and I build the .app using ant. This application will be dowloaded from our server and installed with dmg by the users. I want to avoid the message “This application was downloaded from the Internet. Are you sure you want to open it?” so I tried to sign it.
This is what I did.
1) I created a dev certificate with type “Mac Development” to test in Apple Site.
2) I downloaded my certificate and the intermediate certificates (World Developer Relations Certificate Authority and Developer ID Certificate Authority)
3) I added the 3 certificates in Keychain
4) Steps to sign my app
- codesign --force --verbose -s "MyName (Code)" MyApp.app/Contents/MacOS/libpackager.dylib
- codesign --force --verbose -s "MyName (Code)” MyApp.app/Contents/PlugIns/Java.runtime/
- codesign --force --verbose -s "MyName (Code)” MyApp.app
5) I verified it with
- codesign -vv MyApp.app and the result was
MyApp.app/: valid on disk
MyAoo.app/: satisfies its Designated Requirement
- spctl -vv --assess --type execute MyApp.app
MyApp.app: rejected
origin=Mac Developer: MyName(Code)
Why is it rejected?
More info of my app.
codesign -dvv My.app
Executable=/…/MyApp.app/Contents/MacOS/MyApp
Identifier=fxApplication
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20200 size=269 flags=0x0(none) hashes=3+3 location=embedded
Signature size=4707
Authority=Mac Developer: MyName (Code)
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
Signed Time=Jun 15, 2018, 14:38:26
Info.plist entries=23
TeamIdentifier=YC2T2UN3Z9
Sealed Resources version=2 rules=12 files=11
Internal requirements count=1 size=184
What should I do to sign correctly my application?
Should I add information to the Info.plist before build the .app? What?
Thanks
Mariela
