Issues with Invalid Binary Signatures During macOS Notarization of Electron App

Hello Apple Developer Community,

I've been working on notarizing my macOS application, Deep Focus, built using Electron, but I'm encountering persistent issues with binary signatures being reported as invalid during the notarization process.

I followed Apple's notarization documentation and ensured that all necessary configurations are in place, but I'm still seeing multiple "Invalid" errors in the notarization log.

Here’s the process I've followed so far:

1. System and Tools Setup:

macOS version: Apple M1 Pro Sonoma 14.5
macOS SDK: macOS 15.0
Xcode version: Version 16.0 (16A242d)

(Using VSCode instead of Xcode since this is an Electron/JavaScript project.) Link to source code for inspection

2. Notarization Process:

  • Successfully stored credentials in Keychain using xcrun notarytool store-credentials.

  • Signed all app components, including frameworks, using the command:

for framework in "dist/Deep Focus-darwin-arm64/Deep Focus.app/Contents/Frameworks/"*.framework; do
  codesign --force --deep --options runtime --timestamp --sign "Developer ID Application: Timeo Williams (3Y4F3KTSJA)" "$framework"
done

  • Verified that Hardened Runtime is enabled and included the required entitlements.

3. Verification:

Checked code signatures with codesign -vvv --deep --strict Deep Focus.app, which returned valid results for all components. Verified the presence of the _CodeSignature directory for each framework and confirmed proper entitlements using:

codesign -d --entitlements - "Deep Focus.app"

4. Notarization Submission

Compressed the app into a .zip file and submitted it with xcrun notarytool submit --keychain-profile "notary" --wait. Although the notarization log provided detailed error messages, it still reported the following issues:

"The signature of the binary is invalid" for several frameworks, including Electron, ReactiveObjC, and Mantle.

{
  "statusSummary": "Archive contains critical validation errors",
  "statusCode": 4000,
  "issues": [
    {
      "path": "Deep Focus.zip/Deep Focus.app/Contents/Frameworks/Electron Framework.framework/Electron Framework",
      "message": "The signature of the binary is invalid.",
      "architecture": "arm64"
    },
    ...
  ]
}

I've double-checked the signing process and attempted re-signing the frameworks, but the notarization continues to fail due to these invalid signatures. I’m not sure what’s causing the _CodeSignature file to be missing for some frameworks even after signing.

I also installed the Signet app to test verification.

My Questions:

  1. What could be causing the binary signatures to be reported as invalid during notarization, despite the app satisfying its designated requirements according to codesign?
  2. Is there a specific way I should be handling Electron-based apps for macOS notarization that differs from standard macOS apps?
  3. Could the issue be related to the use of ARM64 architecture, and are there any additional steps required for signing on ARM-based systems?
  4. Are there any known compatibility issues with frameworks like ReactiveObjC, Mantle, or Squirrel that could affect the notarization process?

Any guidance or troubleshooting steps would be greatly appreciated. Thank you in advance!

Faced the same issue; the --deep signing may not do what is expected. I found that the --deep flag is deprecated, and this seems to be the latest: https://keith.github.io/xcode-man-pages/codesign.1.html#deep Looking forward to hearing something from Apple about it.
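The reply above points at --deep as the likely problem. As an added example (not part of either post), the script below signs each nested item on its own, innermost first, with the flags from the original loop minus --deep, then verifies each item separately so a failure names the exact bundle. The function names, the suffix list and the CODESIGN override are assumptions of this example, and the identity is supplied by the caller.

```shell
#!/bin/sh
# Added example: sign nested code one item at a time, innermost first,
# instead of relying on --deep.
# Assumption: nested code is found by suffix only; extension-less Mach-O
# helpers inside frameworks are not matched and need their own entries.

CODESIGN="${CODESIGN:-codesign}"   # overridable so the order can be dry-run

# List signable items under a bundle in post-order (find -depth), so every
# nested item is printed before the framework or app that contains it.
signing_order() {
  find "$1" -depth ! -type l \( -name '*.dylib' -o -name '*.node' \
    -o -name '*.framework' -o -name '*.app' \) -print
}

# Sign each item on its own with the flags used in the thread, minus --deep.
# $1 = path to the .app, $2 = signing identity (placeholder, caller-supplied).
sign_inside_out() {
  signing_order "$1" | (
    while IFS= read -r item; do
      "$CODESIGN" --force --options runtime --timestamp --sign "$2" "$item" || exit 1
    done
  )
}

# Verify each item separately so a failure names the exact nested bundle.
verify_each() {
  signing_order "$1" | (
    status=0
    while IFS= read -r item; do
      "$CODESIGN" --verify --strict "$item" || { echo "INVALID: $item" >&2; status=1; }
    done
    exit "$status"
  )
}

# Run only when called with two arguments: sign.sh "path/to/App.app" "IDENTITY"
if [ "$#" -eq 2 ]; then
  sign_inside_out "$1" "$2" && verify_each "$1"
fi
```

Setting CODESIGN=echo prints the commands in the order they would run without signing anything.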
