I'm trying to build a signed app-image with jpackage in MacOS so I can notarize the application after that and then distribute without warnings.
I already imported the Dev ID Installer and Application certificates to a temp keychain, only to use on my script inside macos, here is the code:
security create-keychain -p $MACOS_KEYCHAIN_PASSWORD $MACOS_KEYCHAIN
security set-keychain-settings -lut 21600 $MACOS_KEYCHAIN
security unlock-keychain -p $MACOS_KEYCHAIN_PASSWORD $MACOS_KEYCHAIN
security import devIDApplication.p12 -k $MACOS_KEYCHAIN -f pkcs12 -A -T /usr/bin/codesign -T /usr/bin/security -P $MACOS_CERTIFICATE_PASSWORD
security import devIDInstaller.p12 -k $MACOS_KEYCHAIN -f pkcs12 -A -T /usr/bin/codesign -T /usr/bin/security -P $MACOS_CERTIFICATE_PASSWORD
security set-key-partition-list -S apple-tool:,apple: -k $MACOS_KEYCHAIN_PASSWORD $MACOS_KEYCHAIN
The two certificates were imported, the output is:
1 identity imported.
1 identity imported.
But then, when I use jpackage (open-jdk17.0.2 from jdk.net) I receive this error:
[18:05:09.091] jdk.jpackage.internal.ConfigException: Signature explicitly requested but no signing certificate found
at jdk.jpackage/jdk.jpackage.internal.MacAppBundler.doValidate(MacAppBundler.java:136)
at jdk.jpackage/jdk.jpackage.internal.AppImageBundler.validate(AppImageBundler.java:70)
at jdk.jpackage/jdk.jpackage.internal.Arguments.generateBundle(Arguments.java:675)
at jdk.jpackage/jdk.jpackage.internal.Arguments.processArguments(Arguments.java:550)
at jdk.jpackage/jdk.jpackage.main.Main.execute(Main.java:91)
at jdk.jpackage/jdk.jpackage.main.Main.main(Main.java:52)
[18:05:09.092] jdk.jpackage.internal.PackagerException: Bundler Mac Application Image skipped because of a configuration problem: Signature explicitly requested but no signing certificate found
Advice to fix: Specify a valid mac-signing-key-user-name and mac-signing-keychain
at jdk.jpackage/jdk.jpackage.internal.Arguments.generateBundle(Arguments.java:688)
at jdk.jpackage/jdk.jpackage.internal.Arguments.processArguments(Arguments.java:550)
at jdk.jpackage/jdk.jpackage.main.Main.execute(Main.java:91)
at jdk.jpackage/jdk.jpackage.main.Main.main(Main.java:52)
Caused by: jdk.jpackage.internal.ConfigException: Signature explicitly requested but no signing certificate found
at jdk.jpackage/jdk.jpackage.internal.MacAppBundler.doValidate(MacAppBundler.java:136)
at jdk.jpackage/jdk.jpackage.internal.AppImageBundler.validate(AppImageBundler.java:70)
at jdk.jpackage/jdk.jpackage.internal.Arguments.generateBundle(Arguments.java:675)
... 3 more
[18:05:09.091] No certificate found matching [Developer ID Application: Company - EPP (USERCODE)] using keychain [signing_temp.keychain]
I'm really stuck on this, can anyone help me?
The jpackage script I'm using:
jpackage --type app-image --input "$INPUT/target/" --dest "$INPUT/target/output" --name "$NAME" \
--main-jar package.jar --main-class org.test.launcher.Launcher --add-modules "$JDK_MODULES" \
--resource-dir "$RES" --copyright "$COPYRIGHT" --app-version "$VERSION" --description "$DESC" --vendor "$VENDOR" \
--verbose \
--mac-sign \
--mac-signing-keychain "$MACOS_KEYCHAIN" \
--mac-signing-key-user-name "$MACOS_CERT_IDENTITY" \
--mac-package-identifier "$IDENTIFIER" \
--mac-entitlements "$RES/uri-launcher.entitlements" \
"${customOptions[@]}" "${commonOptions[@]}"