Notarisation failing with “The signature of the binary is invalid"

Look at the path in that error:

LocalApp-macosx.zip/LocalApp-macosx.app/Contents/Resources/Java/Disk1/InstData/Resource1.zip/$BUILD_ROOT$/Desktop/collaborator.app_zg_ia_sf.jar/Contents/MacOS/applet

You submitted LocalApp-macosx.zip, so that makes sense. Within that you have Resource1.zip and within that there’s collaborator.app_zg_ia_sf.jar. The latter is a Java archive, but that’s close enough to a zip archive that the notary service will look within it. So, looking through these three levels of archives it’s found some code that’s not signed correctly.

I don’t maintain expertise in Java but my experience with other Java developers is that the Java build process often embeds native code [1] in a Java archive. That code isn’t signed properly, so when you embed the Java archive in your main app the notary service complains. There are there standard solutions:

• Unpack the Java archive, sign the native code, and then repack it.

• Change the build system to sign the native code before packaging it into the archive.

• Relocate the native code out of the Java archive.

Beyond that, I recommend that you consult the support resources for your third-party tooling to see if they have specific advice on this topic. If not, we have general instructions in:

• Creating distribution-signed code for macOS

• Packaging Mac software for distribution

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] By native code I mean a Mach-O image, as defined in An Apple Library Primer.