Code Block language ITMS-90238: Invalid Signature - The main app bundle APP_NAME at path app_name.app has following signing error(s): --prepared:/Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app/Contents/Frameworks/libMonoPosixHelper.dylib --validated:/Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app/Contents/Frameworks/libMonoPosixHelper.dylib --prepared:/Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app/Contents/Frameworks/libmonobdwgc-2.0.dylib --validated:/Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app/Contents/Frameworks/libmonobdwgc-2.0.dylib --prepared:/Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app/Contents/Frameworks/libssl.dylib --validated:/Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app/Contents/Frameworks/libssl.dylib --prepared:/Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app/Contents/Frameworks/libcrypto.dylib --validated:/Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app/Contents/Frameworks/libcrypto.dylib --prepared:/Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app/Contents/Frameworks/UnityPlayer.dylib --validated:/Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app/Contents/Frameworks/UnityPlayer.dylib /Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app: valid on disk /Volumes/data01/app_data/app-processing/mz_621478465736756725dir/mz_11614935509311203053dir/com.company.app_name.pkg/Payload/app_name.app: satisfies its Designated Requirement test-requirement: code failed to satisfy specified code requirement(s) . Refer to the Code Signing and Application Sandboxing Guide at http://developer.apple.com/library/mac/#documentation/Security/Conceptual/CodeSigningGuide/AboutCS/AboutCS.html and Technical Note 2206 at https://developer.apple.com/library/mac/technotes/tn2206/_index.html for more information.
Replies
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
So two different certificates.
For notarisation, you sign the app with Developer ID Application, then build the package, then sign the package with Developer ID Installer
For submission to the Mac App Store, you sign the app with 3rd Party Mac Developer Application, then build the package, then sign the package with 3rd Party Mac Developer Installer
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
Unity Cloud Build builds the app and produces APP_NAME.app
Unity Cloud Build signs the .app file with the Developer ID Application. (It might zip the file first, again this process is opaque to me as I do not control it.)
It then submits that build for notarization.
I download the notarized .app file from Unity Cloud Build
I build and sign the .pkg file with this command:
Code Block bash productbuild --component APP_NAME.app /Applications --sign '3rd Party Mac Developer Installer: Company Inc. (XXXXXXXXX)' APP_NAME.pkg
I then submit APP_NAME.pkg to the Mac App Store with Transporter.
Apple then sends me the email full of errors.
I download the notarized .app file from Unity Cloud Build
The command you posted signs the installer package but doesn’t re-sign the app. When you install a package to the store:I build and sign the .pkg file with this command:
The package must be signed with your installer distribution identity (typically 3rd Party Mac Developer Installer…).
The app inside the package must be signed with your app distribution identity (typically 3rd Party Mac Developer Application…).
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
Developer ID Application - Can sign code, used for Notarization + distribution outside the AppStore
3rd Party Mac Developer Application - Can sign code, used for AppStore submission
3rd Party Installer Application - Can sign .pkg files, used for AppStore
Thanks for your help eskimo, this how-to was really useful for clearing up where I was getting confused. https://developer.apple.com/forums/thread/128166