Having reviewed every document, this has been going on for nearly two months. Originally, it was thought that the problem might be related to the fact I had created the developer ID signing certificate on an intel mac, and trying to import and use it on an M1 Mac-Mini. That turned out to not be the case. Completely started over with a new account (the company changed names), requested and was granted the entitlements we needed. Create a new CSR from this new m1 machine, created a Developer ID certificate, installed the certificate on this machine. But no matter what, the codesign fails. Troubleshooting Environment: Brand new Apple Developer account and Developer ID Application certificate (generated CSR on this Mac, installed cert and private key in login keychain) macOS build/signing machine, not running codesign as root Working from Terminal app in GUI session, not via SSH/cron Keychain & Certificate Chain: Verified Developer ID Application: Fidelis Security LLC (J4WGF5B6KZ) certificate and private key are present in login keychain Verified certificate is marked as trusted and has a private key attached Developer ID Certification Authority present and trusted in System keychain (removed any extra from login) Evaluate certificate assistant shows everything is good Apple Root CA present and trusted in System keychain Set all trust settings back to System Defaults after testing with “Always Trust” No expired or duplicate Developer ID intermediates present codesign Troubleshooting: Ran: codesign --force --timestamp --options runtime --sign "Developer ID Application: Fidelis Security LLC (J4WGF5B6KZ)" ./fidelisevents Consistently received: Warning: unable to build chain to self-signed root for signer ... errSecInternalComponent Confirmed correct identity using: security find-identity -v -p codesigning (Shows my Developer ID Application cert as valid) Keychain order confirmed with security list-keychains Tried explicit --keychain argument in codesign (no change) Additional Steps Attempted: Downloaded and re-installed all relevant Apple intermediates/root certificates from https://www.apple.com/certificateauthority/ Rebooted the Mac and killed/restarted the securityd daemon Confirmed no use of sudo or root for codesigning Verified keychain is unlocked Checked that partition list grants access to codesign (set with security set-key-partition-list -S "apple:codesign:" -s -k "" ~/Library/Keychains/login.keychain-db) Attempted to codesign a copy of /usr/bin/true (same error) Ran codesign both with and without --timestamp, both on app bundle and binary Keychain Access showing: Certificate and private key present and linked Correct trust chain System keychain containing all Apple intermediates/roots No trust warnings or red Xs Downloaded the latest Apple CA and Developer ID Root certificates and installed those. None of the forum searches have helped. AI is likewise confused.

In XCode I create and export a notarized app for "direct distribution". I then create a tar file of the exported .app to distribute to my users. Until today this worked fine. Now when the users try to run the app it pops up a dialog saying "app is damaged and can't be opened. You should move it to the Trash." It is possible to ctrl-click on the app and force it to run but, I think, whether this works or not will depend on system settings and not all users have root access to modify settings. Even simply copying the .app folder from the command line will cause this error.

Hello, I'm working on an app at work and we finally got to signing and notarizing the app. The app is successfully notarized and stapled, I packaged it in a .dmg using hdiutil and went ahead and notarized and stapled that as well. Now I tried to move this app to another machine through various methods. But every time I download it from another machine, open and extract the contents of the dmg and attempt to open the app, I get the "Apple could not verify my app is free of malware that may harm your Mac or compromise your privacy. When I check the extended attributes there's always the com.apple.quarantine attribute which from what I know, is the reason that this popup appears I've tried uploading it to google drive, sending through slack, onedrive, even tried our AWS servers and last but not least, I tried our Azure servers (which is what we use for distribution of the windows version of our app). I tried uploading to Azure through CloudBerry (MSP360 now), and azure-cli defining the content-type as "application/octet-stream", the content-disposition as "attachment; filename=myApp.dmg", and content-cache-control as "no-transform". None of these worked The only times where a download actually worked with no problems was when I downloaded through the terminal using curl, which obviously not a great solution especially that we're distributing to users who aren't exactly "tech savy" I want the installation experience to be as smooth as other apps outside the App Store (i.e Discord, Slack, Firefox, Chrome etc....) but I've been stuck on this for more than a week with no luck. Any help is greatly appreciated, and if you want me to clarify something further I'd be happy to do so

I'm into packaging up my Mac game and want to submit it to the Mac App Store via XCode -> Product -> Archive -> Distribute App. I'm getting the following error: Validation failed The installer package includes files that are only readable by the root user. This will prevent verification of the application's code signature when your app is run. Ensure that non-root users can read the files in your app. I've created post build and post package hooks in xcode that list out the files do a debug log file, but there is no single file that is root only or having not 755 as rights. Any idea what I can change to fix this? Is this even something I can influence? Or is this a App Store connect issue? Thanks Martin

Hello I have a qt, CMAKE app, non-xcode one till xcode start supporting cmake. I have 3 apps, 2 basic ones and 1 very complex ones. My complex one build/links/notarises/validates/deploys beautifly. I have tear in my eye when I see it build. The other 2 apps explode and torment me for past 5 days. The build proves is 99% the same, the only thing that a little changes are info.plist and app name+ some minor changes. Its absolutely bananas and I can't fix it, I'm running out of ideas so if any1 could sugged anything, I'll buy & ship you a beer. Anyway, errors: Log: Using otool: Log: inspecting "/Users/dariusz/Qt/6.9.1/macos/lib/QtCore.framework/Versions/A/QtCore" Log: Could not parse otool output line: "/Users/dariusz/Qt/6.9.1/macos/lib/QtCore.framework/Versions/A/QtCore (architecture arm64):" Log: Adding framework: Log: Framework name "QtCore.framework" Framework directory "/Users/dariusz/Qt/6.9.1/macos/lib/" Framework path "/Users/dariusz/Qt/6.9.1/macos/lib/QtCore.framework" Binary directory "Versions/A" Binary name "QtCore" Binary path "/Versions/A/QtCore" Version "A" Install name "@rpath/QtCore.framework/Versions/A/QtCore" Deployed install name "@rpath/QtCore.framework/Versions/A/QtCore" Source file Path "/Users/dariusz/Qt/6.9.1/macos/lib/QtCore.framework/Versions/A/QtCore" Framework Destination Directory (relative to bundle) "Contents/Frameworks/QtCore.framework" Binary Destination Directory (relative to bundle) "Contents/Frameworks/QtCore.framework/Versions/A" Log: copied: "/Users/dariusz/Qt/6.9.1/macos/lib/QtWebSockets.framework/Versions/A/QtWebSockets" Log: to "/AppBuild/Agameri_Toolbox/Agameri_Toolbox.app/Contents/Frameworks/QtWebSockets.framework/Versions/A/QtWebSockets" Log: copy: "/Users/dariusz/Qt/6.9.1/macos/lib/QtWebSockets.framework/Resources" "/AppBuild/Agameri_Toolbox/Agameri_Toolbox.app/Contents/Frameworks/QtWebSockets.framework/Versions/A/Resources" Log: copied: "/Users/dariusz/Qt/6.9.1/macos/lib/QtWebSockets.framework/Resources/Info.plist" Log: to "/AppBuild/Agameri_Toolbox/Agameri_Toolbox.app/Contents/Frameworks/QtWebSockets.framework/Versions/A/Resources/Info.plist" Log: copied: "/Users/dariusz/Qt/6.9.1/macos/lib/QtWebSockets.framework/Resources/PrivacyInfo.xcprivacy" Log: to "/AppBuild/Agameri_Toolbox/Agameri_Toolbox.app/Contents/Frameworks/QtWebSockets.framework/Versions/A/Resources/PrivacyInfo.xcprivacy" Log: symlink "/AppBuild/Agameri_Toolbox/Agameri_Toolbox.app/Contents/Frameworks/QtWebSockets.framework/QtWebSockets" Log: points to "Versions/Current/QtWebSockets" Log: symlink "/AppBuild/Agameri_Toolbox/Agameri_Toolbox.app/Contents/Frameworks/QtWebSockets.framework/Resources" Log: points to "Versions/Current/Resources" Log: symlink "/AppBuild/Agameri_Toolbox/Agameri_Toolbox.app/Contents/Frameworks/QtWebSockets.framework/Versions/Current" Log: points to "A" Log: Using install_name_tool: Log: in "/AppBuild/Agameri_Toolbox/Agameri_Toolbox.app/Contents/MacOS/Agameri_Toolbox" Log: change reference "@rpath/QtWebSockets.framework/Versions/A/QtWebSockets" Log: to "@rpath/QtWebSockets.framework/Versions/A/QtWebSockets" ERROR: "/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/install_name_tool: fatal error: file not in an order that can be processed (link edit information does not fill the __LINKEDIT segment): /AppBuild/Agameri_Toolbox/Agameri_Toolbox.app/Contents/MacOS/Agameri_Toolbox\n" ERROR: "" Even tho I get that error, it will "Notarize" and "greenlight by gatekeeper. So my automatic build app if he sees error with the __LINKEDIT it will stop deployment. But even tho he "stops" release of app to public I can still go check binary and when I try to run that I get: Library not loaded: @rpath/QtConcurrent.framework/Versions/A/QtConcurrent Referenced from: <69A296DB-8C7D-3BC9-A8AE-947B8D6ED224> /Volumes/VOLUME/*/Agameri_Toolbox.app/Contents/MacOS/Agameri_Toolbox Reason: tried: '/Users/dariusz/Qt/6.9.1/macos/lib/QtConcurrent.framework/Versions/A/QtConcurrent' (code signature in <192D5FAC-FE8C-31AB-86A7-6C2CE5D3E864> '/Users/dariusz/Qt/6.9.1/macos/lib/QtConcurrent.framework/Versions/A/QtConcurrent' not valid for use in process: mapping process and mapped file (non-platform) have different Team IDs), '/System/Volumes/Preboot/Cryptexes/OS/Users/dariusz/Qt/6.9.1/macos/lib/QtConcurrent.framework/Versions/A/QtConcurrent' (no such file), '/Volumes/DEV_MAC/02_CODE/Dev/Icarus.nosync/Icarus_Singleton/codeSingleton/libOutput/Release/QtConcurrent.framework/Versions/A/QtConcurrent' (no such file), '/System/Volumes/Preboot/Cryptexes/OS/Volumes/DEV_MAC/02_CODE/Dev/Icarus.nosync/Icarus_Singleton/codeSingleton/libOu (terminated at launch; ignore backtrace) And here is my build script, its QT based application, I'm using macdeployqt + my own custom signing as the one from macdeployqt breaks on the complex app. (I will post it in next post as apparently there is 7k limit O.O) I've tried to replace the @rpath/ to @executable_path but that has made a million new issues and I'm just lost.

The driver does not show up in the app settings after switching to “DriverKit USB Transport - VendorID”. Previously, the app used “DriverKit USB Transport (development)” and everything worked as expected. The entitlements looked like this: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.developer.driverkit</key> <true/> <key>com.apple.developer.driverkit.transport.usb</key> <array> <dict> <key>idVendor</key> <string>*</string> </dict> </array> </dict> </plist> I received approval to use “DriverKit USB Transport - VendorID”. I updated the App ID configuration in the portal, removed all development entitlements, updated the provisioning profile, and edited the driver’s .entitlements as follows: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.developer.driverkit</key> <true/> <key>com.apple.developer.driverkit.transport.usb</key> <array> <dict> <key>idVendor</key> <integer>1111</integer> </dict> </array> </dict> </plist> The app installs on an iPad with an M processor, but the driver does not appear in the settings. In the logs I see the following: 272 debug 19:50:42.005193+0300 installd 7935 signing bytes in 5 blob(s) from /var/installd/Library/Caches/com.apple.mobile.installd.staging/temp.bugkAE/extracted/Payload/****.app/SystemExtensions/****Driver.dext/****.Driver(arm64) 272 debug 19:50:42.012068+0300 installd open(/var/installd/Library/Caches/com.apple.mobile.installd.staging/temp.bugkAE/extracted/Payload/****.app/SystemExtensions/net.svedm.****.SDRDriver.dext/Info.plist,0x0,0x1b6) = 4 272 debug 19:50:42.012712+0300 installd 0xc2e14c618 done serializing <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "https://www.apple.com/DTDs/PropertyList-1.0.dtd"><plist version="1.0"><dict><key>application-identifier</key><string>****.Driver</string><key>com.apple.application-identifier</key><string>****</string><key>com.apple.developer.driverkit</key><true/><key>com.apple.developer.driverkit.transport.usb</key><array><dict><key>idVendor</key><integer>3034</integer></dict></array><key>com.apple.developer.team-identifier</key><string>****</string><key>com.apple.security.get-task-allow</key><true/><key>get-task-allow</key><true/></dict></plist> 0 error 19:53:08.930054+0300 kernel Sandbox: MyApp(844) deny(1) sysctl-read kern.bootargs 0 error 19:53:08.931571+0300 kernel Sandbox: driverkitd(77) deny(1) syscall-unix 284 syscall-unix-denied-SIGKILL 0 error 19:53:09.985946+0300 kernel 1 duplicate report for Sandbox: driverkitd(77) deny(1) syscall-unix 284 syscall-unix-denied-SIGKILL 0 error 19:53:09.985985+0300 kernel Sandbox: MyApp(844) deny(2) file-test-existence /usr/bin/swift-backtrace 0 error 19:53:09.986011+0300 kernel Sandbox: MyApp(844) deny(2) file-test-existence /usr/bin/arm64e But I don’t quite understand what is going wrong. Any ideas?

This is a Math+CS Educational app written in Java. I have been able to distribute the Intel-Mac version downloaded as a .dmg (code-signed, notarized and stapled). I also need to support Apple silicon hw. I re-created the entire sw manufacturing structure on my M2 Macbook. I'm using the exact same command scripts that work on the older hardware. I am expecting the jpackage script to run the same way on the M2....but no. The first sign of trouble is I'm not getting an authentication password dialog , which I believe is thrown up by the MacOS when codesign asks to access my Keychain certificates. My keychain is setup the default way. Here is the error msg: [07:38:08.719] Running /usr/bin/codesign [07:38:08.749] java.io.IOException: Command [/usr/bin/codesign, -s, Developer ID Application: Pierre Bierre (SL7L4YU8GT), -vvvv, --timestamp, --options, runtime, --prefix, ST_DFG2D_ARM, /var/folders/v7/06pp2_5d6gz9593k96n2z0v40000gn/T/jdk.jpackage11705714069544945060/images/image-2753484488940359178/DataflowGeom2D.app/Contents/runtime/Contents/Home/lib/libnet.dylib] exited with 1 code at jdk.jpackage/jdk.jpackage.internal.Executor.executeExpectSuccess(Executor.java:90) at jdk.jpackage/jdk.jpackage.internal.IOUtils.exec(IOUtils.java:215) If I build the .dmg installer WITHOUT code-signing it, it produces a good .dmg, but I can't distribute it to my students with M2-M3-M4 rigs. The error feedback from "codesign" is nonspecific and inactionable. As a developer, I need specific, actionable error messages. I expect that from the wealthiest computer company in the world. Need the info.

Hi all, I’ve run into a signing/entitlements problem that shows up only on Big Sur (11.x). The very same .app launches perfectly on Monterey (12), Ventura (13), Sonoma (14 / 14.5) and Sequoia (15). Failure on macOS 11 com.apple.xpc.launchd[1] (application.app.myapp.exams.566312.566318[1602]): removing service since it exited with consistent failure – OS_REASON_CODESIGNING | When validating …/MyAppNameBlurred 3.13.1.app/Contents/MacOS/MyAppNameBlurred 3.13.1: Code has restricted entitlements, but the validation of its code signature failed. Unsatisfied Entitlements: Binary is improperly signed. Launching from Terminal: open -a "/Users/admin/Downloads/MyAppNameBlurred 3.13.1.app" kLSNoLaunchPermissionErr (-10826) | Launchd job spawn failed with error: 153 What I’ve already checked # signature itself codesign -dvvv "/Users/admin/Downloads/MyAppNameBlurred 3.13.1.app" # => valid, Authority = Developer ID Application, runtime enabled # full deep/strict verification codesign --verify --deep --strict -vvv "/Users/admin/Downloads/MyAppNameBlurred 3.13.1.app" # => “satisfies its Designated Requirement” # Gatekeeper assessment spctl --assess --type execute --verbose=4 "/Users/admin/Downloads/MyAppNameBlurred 3.13.1.app" # => accepted (override security disabled) # embedded provisioning profile matches bundle ID codesign -d --entitlements :- "/Users/admin/Downloads/MyAppNameBlurred 3.13.1.app" | plutil -p - security cms -D -i "/Users/admin/Downloads/MyAppNameBlurred 3.13.1.app/Contents/embedded.provisionprofile" \ | plutil -extract Entitlements xml1 -o - # => both show the AAC entitlement and everything looks in order # notarization ticket stapler validate "/Users/admin/Downloads/MyAppNameBlurred 3.13.1.app" # => “The validate action worked!” Deployment target: MACOSX_DEPLOYMENT_TARGET = 11.0 Entitlement added: com.apple.developer.automatic-assessment-configuration = true Provisioning profile: generated this year via Developer ID, includes the assessment entitlement and nothing else unusual. Runtime code: we call AEAssessmentSession's network configuration part only on 12 + (guarded with @available(macOS 12.0, *)). Has anyone hit this mismatch on 11.x? Could Big Sur be expecting something older or idk? Any pointers appreciated! Thanks!

We recently had an external pentest for one of our company's macOS applications and they brought up the topic of library validation. Our app has hardened runtime enabled and passes notarization. The codesign verification output includes: flags=0x10000(runtime) The pentesters brought up that both validation and runtime should be present, so I discovered that you could also add library validation by augmenting our flags with: OTHER_CODE_SIGN_FLAGS = --timestamp -o library which changes the flags to: flags=0x12000(library-validation,runtime) The pentesters insist that both options are necessary, especially to avoid library injection when SIP is off, but Apple's docs say that hardened runtime already implies library validation (see here ) My question is: does explicitly specifying library validation provide something that hardened runtime does not already? Or is it correct that hardened runtime already imply library validation? For what it's worth, I did a quick scan of some of the apps on my system, interesting some of the Apple system apps have only library validation (e.g. Safari, Photos), some have both (e.g. Podcasts), some have only hardened runtime (e.g. Mail). So that didn't help answer the question. Thank you!

We are building an installer application to install a dext. Building in Xcode, the installer app launches fine locally and installs the dext. We then try to sign it with the company Developer ID application certificate. However after doing so we cannot launch the application anymore as we get the following crash at launch: Exception Codes: 0x0000000000000000, 0x0000000000000000 Termination Reason: CODESIGNING 1 Taskgated Invalid Signature Triggered by Thread: 0 Thread 0 Crashed: 0 dyld_path_missing 0x102e187c0 _dyld_start + 0 Thread 0 crashed with ARM Thread State (64-bit): x0: 0x0000000000000000 x1: 0x0000000000000000 x2: 0x0000000000000000 x3: 0x0000000000000000 x4: 0x0000000000000000 x5: 0x0000000000000000 x6: 0x0000000000000000 x7: 0x0000000000000000 x8: 0x0000000000000000 x9: 0x0000000000000000 x10: 0x0000000000000000 x11: 0x0000000000000000 x12: 0x0000000000000000 x13: 0x0000000000000000 x14: 0x0000000000000000 x15: 0x0000000000000000 x16: 0x0000000000000000 x17: 0x0000000000000000 x18: 0x0000000000000000 x19: 0x0000000000000000 x20: 0x0000000000000000 x21: 0x0000000000000000 x22: 0x0000000000000000 x23: 0x0000000000000000 x24: 0x0000000000000000 x25: 0x0000000000000000 x26: 0x0000000000000000 x27: 0x0000000000000000 x28: 0x0000000000000000 fp: 0x0000000000000000 lr: 0x0000000000000000 sp: 0x000000016d13fba0 pc: 0x0000000102e187c0 cpsr: 0x00000000 far: 0x0000000000000000 esr: 0x00000000 Address size fault Binary Images: 0x102e14000 - 0x102eaffff dyld_path_missing (*) <9cf0401a-a938-389e-a77d-9e9608076ccf> /dyld_path_missing 0x102cc0000 - 0x102cc3fff main_executable_path_missing (*) <5fb2bea6-ba11-340d-a7a4-8657d5a736e2> /main_executable_path_missing 0x0 - 0xffffffffffffffff ??? (*) <00000000-0000-0000-0000-000000000000> ??? Error Formulating Crash Report: dyld_process_snapshot_get_shared_cache failed Following the different help pages from Apple, the application seems to be correctly signed. Looking at the Console, we are seeing the following message at launch: "Unsatisfied entitlements: com.apple.developer.system-extension.install, com.apple.developer.driverkit". However, the entitlement file I am using to sign the installer app contains those entitlements. We are looking at different possible issues for days now and can't figure it out. Any advice or thought would be appreciated.

I spent 20 minutes trying to figure out why codesigning was failing -- I had the pf block set up correctly, my keychains were unlocked, and then, eventually, it occurred to me, hey, maybe an IP address changed, so I disabled IPv6 except for link local, and then amazingly, it went back to working. I filed FB13706261 over a year ago. This is ridiculous.

This math-educational 3D-graphics courseware utilizes Java3D, which sits on top of hardware-dependent JOGAMP binaries (which instruct at the GPU-level). This code signing command applied to the installer .dmg: codesign -s "myName" --force --options runtime ~/DFG2D_MacOS_Manufacturing/MacOSInstallers/DFG2D_Mac_J1602_x86/DataflowGeometry2D-1.0.300.dmg is supposed to force signing of all the embedded binaries, BUT the notary tool finds about 25 jogamp-fat dynamic libraries (/ *.dylib) UNSIGNED. Processing complete id: 23d81a99-4087-48d2-a567-8072dd2820fe status: Invalid pierrebierre@Pierres-iMac ~ % xcrun notarytool log 17d2fe94-f38a-47d4-9568-cf4dc65f24c9 --apple-id "xxxxxxxxxxx" --team-id "XXXXXXXXX" --password pwpwpwpwpw { "logFormatVersion": 1, "jobId": "17d2fe94-f38a-47d4-9568-cf4dc65f24c9", "status": "Invalid", "statusSummary": "Archive contains critical validation errors", "statusCode": 4000, "archiveFilename": "DataflowGeometry2D-1.0.300.dmg", "uploadDate": "2025-07-13T21:28:21.147Z", "sha256": "57320c4ad4a07f144336084152bf7e3328f8c5694dd568d2cfd23a596b5b3b13", "ticketContents": null, "issues": [ { "severity": "error", "code": null, "path": "DataflowGeometry2D-1.0.300.dmg/DataflowGeometry2D.app/Contents/app/DFG2D_Mac_x86_300.jar/lib/jogamp-fat/jogamp-fat.jar/natives/macosx-universal/libnativewindow_awt.dylib", "message": "The binary is not signed.", "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087721", "architecture": "x86_64" }, { "severity": "error", "code": null, "path": "DataflowGeometry2D-1.0.300.dmg/DataflowGeometry2D.app/Contents/app/DFG2D_Mac_x86_300.jar/lib/jogamp-fat/jogamp-fat.jar/natives/macosx-universal/libnativewindow_awt.dylib", "message": "The signature does not include a secure timestamp.", "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087733", "architecture": "x86_64" }, What is your advice on how to get these binaries signed?

Hi guys, New to publishing apps on Apple Store. I encounter some notarization error before and resolved it in this post. By solving the previous issue, I updated the Trust setting from "Always Trust" to "Use System Defaults" for Apple certificates. The codesign and notarization no longer give me any problem. But now, I encountered another issue. When I ran the .app on my local Macbook, it now gives me "zsh: trace trap" error. Dive a little further and check the crash report, I found the some details as following. Process: my_app [30652] Path: /Users/USER/my_app_path Identifier: my_app Version: 0.0.0 (???) Code Type: ARM-64 (Native) Parent Process: launchd [1] User ID: 501 Date/Time: 2025-07-15 14:57:58.9874 -0400 OS Version: macOS 15.5 (24F74) Report Version: 12 Anonymous UUID: 2335F0B6-A26E-6446-6074-0FCE620C4B6A Time Awake Since Boot: 6000 seconds System Integrity Protection: enabled Crashed Thread: 0 Dispatch queue: com.apple.main-thread Exception Type: EXC_BAD_ACCESS (SIGKILL (Code Signature Invalid)) Exception Codes: UNKNOWN_0x32 at 0x00000001064b4000 Exception Codes: 0x0000000000000032, 0x00000001064b4000 Termination Reason: Namespace CODESIGNING, Code 2 Invalid Page VM Region Info: 0x1064b4000 is in 0x1064b4000-0x1064b8000; bytes after start: 0 bytes before end: 16383 REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL mapped file 1064ac000-1064b4000 [ 32K] r-x/rwx SM=COW Object_id=d2a02fbf ---> VM_ALLOCATE 1064b4000-1064b8000 [ 16K] r-x/rwx SM=PRV __TEXT 1064b8000-1068a4000 [ 4016K] r-x/rwx SM=COW my_app.app/Contents/Frameworks/Python.framework/Versions/3.12/Python I can tell it's about codesign and signature invalid. I have tried to rebuild, re-codesign and re-notarize. But the error still persists. Could someone help me? Thanks!

I’m facing an issue with my macOS app after code signing and notarization. The app is signed with my Developer ID and notarized using xcrun notarytool. Everything works fine on the machine where the signing was done — Gatekeeper accepts it, no warning appears, and codesign/spctl checks pass. However, when running the same .app on other Macs, users receive a Gatekeeper warning saying the app is "malicious software and cannot be opened". The signature is valid and the notarization log shows status: Accepted. What I've tried: Verified signature with codesign --verify --deep --strict --verbose=2 Checked notarization status via xcrun notarytool log Assessed Gatekeeper trust with spctl --assess --type execute Everything passes successfully on the development machine. Why would the app be treated as malicious on other systems even after notarization? I'm happy to share logs and technical details if needed.

This is a lengthy one. I have basically compiled a Rust binary into a dylib and packaged into a .xcframework that contains per arch .frameworks. This loads correctly when run from Xcode into a real iOS device. However, when deployed to TestFlight the app crashes. Here is what is a bit different, the dylib is not fully self-contained. It tries to reach in an use C functions I have exposed in my library code. Calling functions that are just within the dylib and just return works fine, but the moment it tries to call one of the exposed functions it crashes. A full in-depth step by step of how I packaged the binaries can be found in my website: https://ospfranco.com/complete-guide-to-dylibs-in-ios-and-android When I look at the TestFlight crash report there are no symbols but the termination cause via WatchDog is: Termination Reason: CODESIGNING 2 Invalid Page I have declared my functions as such: OBJC_EXTERN void ios_prepare_request(const char *url) #define EXPORT __attribute__((visibility("default"), used, retain)) extern "C" { EXPORT void ios_prepare_request(const char *url) { NSString *urlString = [NSString stringWithUTF8String:url]; request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:urlString]]; } } // Function used to prevent optimization void force_symbol_registration() { // Force these symbols to be included in the binary by referencing them volatile void *ptrs[] = {(void *)ios_prepare_request,}; // Prevent compiler from optimizing away the array (void)ptrs; } And I load my framework as: opacity::force_symbol_registration(); // NSBundle *dylib_bundle = // [NSBundle bundleWithIdentifier:@"com.opacitylabs.sdk"]; // NSString *dylib_path = [dylib_bundle pathForResource:@"sdk" ofType:@""]; // // Load the dynamic library // void *handle = dlopen([dylib_path UTF8String], RTLD_NOW | RTLD_GLOBAL); // if (!handle) { // NSString *errorMessage = [NSString stringWithUTF8String:dlerror()]; // *error = // [NSError errorWithDomain:@"OpacitySDKDylibError" // code:1002 // userInfo:@{NSLocalizedDescriptionKey : // errorMessage}]; // return -1; // or appropriate error code // } // Make sure the main executable's symbols are available dlopen(NULL, RTLD_NOW | RTLD_GLOBAL); NSBundle *frameworkBundle = [NSBundle bundleWithIdentifier:@"com.opacitylabs.sdk"]; if (![frameworkBundle isLoaded]) { BOOL success = [frameworkBundle load]; if (!success) { NSString *errorMessage = @"Failed to load framework"; *error = [NSError errorWithDomain:@"OpacitySDKDylibError" code:1002 userInfo:@{NSLocalizedDescriptionKey : errorMessage}]; return -1; } } As you can see, I have also tried dlopen both work when run from Xcode but crash when deployed on testflight. I have tried re-signing the xcframework/frameworks on a pre build step but it doesn't work As stated, I can call the functions inside the dylib, but once they try to call my exposed code it crashes Is this achievable at all or just a limitation of the iOS sandbox?

I am responsible for the mobile app and thus also of the apple developer and app store connect accounts of a company. An external freelancer developed a software package for us which we aim to offer for installation and use on macOS systems of our customers; distributed exclusively outside of the Apple App Store. The software package has nothing to do with the mobile app. MacOS' Gatekeeper currently warns or even prevents our customers regarding the installation of the package on their device; pretty much as described here: https://developer.apple.com/developer-id/. According to a previous talk with Apple's Support, the software package (.app) the Freelancer developed must be signed with one of our own certificates. As we cannot grant selective app store connect access to third persons (only for the concerned certificates), we prefer to not provide access to our entire apple developer account to the freelancer, for the sole reason of the certificate & signing process. According to previous attempts with Apples' support regarding the most feasible solution in this case, they recommended me to manage the signing of the package of the freelancer, and simply request the package from the freelancer. I've thus generated an according Developer ID Certificate, but regarding the signing process, I'm confused. I know how signing works with mobile apps in XCode, but regarding software that is not distributed throughout the App Store on macOS, I'm unsure about the process. Also, as far as I know, the entitlements of the application are involved in the signing process. So my concern is that simply having the software package (.app) from the freelancer is not really enough to complete the signing + notarization process? Won't I need further information about the app's entitlements etc.? I would like to have a clear solution about the procedure that is required in these cases, as online documentations and / or forums as well as previous talks with your non-technical support from Apple did not resolve the issue.

Our app .dmg file was successfully code signed. We then revised the app and created a new .dmg. Running codesign gave an "app is already signed" message. Then running codesign -dv said "code object is not signed at all" Older solutions said to use -f to force signing, but that is no longer an option.

Hello, I have a macOS app built with Flutter’s macOS target (native Xcode project). The app is unsigned (no Developer ID code signing / notarization). The .app bundle looks valid: CFBundlePackageType = APPL Unique CFBundleIdentifier No LSUIElement or LSBackgroundOnly Executable exists and is runnable Placed at /Applications/MyApp.app (top-level), runs fine from Finder However, it does not show up in Launchpad. What I tried: Remove quarantine: xattr -dr com.apple.quarantine "/Applications/MyApp.app" Force Launch Services registration: /System/Library/Frameworks/CoreServices.framework/Frameworks/LaunchServices.framework/Support/lsregister -f "/Applications/MyApp.app" Rebuild LS caches: /System/Library/Frameworks/CoreServices.framework/Frameworks/LaunchServices.framework/Support/lsregister -kill -r -domain local -domain system -domain user Reset Launchpad DB and restart Dock: defaults write com.apple.dock ResetLaunchPad -bool true && killall Dock Verified bundle structure/type: mdls -name kMDItemContentType -name kMDItemKind "/Applications/MyApp.app" → shows com.apple.application-bundle / Application Questions Is code signing/notarization required for an app to appear in Launchpad (even if it runs from Finder)? What additional conditions cause Launchpad to skip an otherwise valid, unsigned .app in /Applications? Are there deeper Launch Services or Dock database checks I can run to diagnose why this specific app is excluded?

I added a watchkit extension to an existing app. I get this error when uploading to App Store Connect. Building the archive itself is fine: Prepared archive for uploading Upload failed error: Validation failed Missing Info.plist value. A value for the key “WKApplication”, or “WKWatchKitApp” if your project has a WatchKit App Extension target, is required in “Runner.app/Watch/watch_Watch_App.app” bundle. For details, see: https://developer.apple.com/documentation/watchkit/creating_independent_watchos_apps/setting_up_a_watchos_project have the exact same issue when bundling. I added the flag manually in a additional plist fields entry with WKApplication=1 because my Info.Plist is generated and it didn't help. I wrote a custom Run Script Phase that added the flag and that didn't help as well. I need a reply from someone from Apple here. This needs to be fixed.

Hi guys, Is there any good up-to-date tutorial about publishing a Python based app on Apple Store? Now, I have developed a standalone Python app from PyCharm, and it's using Pyside6 for UI and some major Python libraries. It's a productivity app with a little A.I. features. I used PyInstaller to prepare the app. Currently, I am stuck at the stage of codesign and Apple Review process, because I am manually doing codesign and building the package from command-line. Without using Xcode, things can get messy or miss easily. It would be nice to follow a up-to-date tutorial about how to complete the codesign and Apple Review process for a Python based app. For example, what to do, how to do, what to be careful during the Apple Review process, etc. Thanks!