After installing n application to my AppleTv I can't open it up. I get: This app cannot be installed because its integrity could not be verified.

I built Mac app with Electron-forge and sign and notarize my app with Developer ID Application Certification and @electron/osx-sign, @electron/notarize module. I built my app on macOS Sonoma 14.7. Then I ran the built app on other mac with "App Store and identified developers" Gatekeeper of macOS version 12.7.3 And it worked well. But when I ran it on another mac PC of macOS Sonoma 14.4.1, it said my app is damaged. Why does it happen and How can I solve this issue?

After adding com.apple.developer.persistent-content-capture entitlement the app crashes on macOS 10.13.6 with following crash report Process: Remote for Mac [20489] Path: /Applications/Remote for Mac.app/Contents/MacOS/Remote for Mac Identifier: com.cherpake.macrc.server Version: ??? Code Type: X86-64 (Native) Parent Process: ??? [1] Responsible: Remote for Mac [20489] User ID: 501 Date/Time: 2024-10-09 09:28:35.482 +0300 OS Version: Mac OS X 10.13.6 (17G14042) Report Version: 12 Anonymous UUID: A2BB761B-2A18-0E9E-2470-21BD6C22E7A8 Time Awake Since Boot: 780000 seconds System Integrity Protection: enabled Crashed Thread: 0 Exception Type: EXC_CRASH (Code Signature Invalid) Exception Codes: 0x0000000000000000, 0x0000000000000000 Exception Note: EXC_CORPSE_NOTIFY Termination Reason: Namespace CODESIGNING, Code 0x1 kernel messages: VM Regions Near 0 (cr2): --> __TEXT 0000000105bdc000-0000000105cdd000 [ 1028K] r-x/r-x SM=COW Thread 0 Crashed: 0 ??? 0x00000001099bb19c _dyld_start + 0 Thread 0 crashed with X86 Thread State (64-bit): rax: 0x0000000000000000 rbx: 0x0000000000000000 rcx: 0x0000000000000000 rdx: 0x0000000000000000 rdi: 0x0000000000000000 rsi: 0x0000000000000000 rbp: 0x0000000000000000 rsp: 0x00007ffeea023c10 r8: 0x0000000000000000 r9: 0x0000000000000000 r10: 0x0000000000000000 r11: 0x0000000000000000 r12: 0x0000000000000000 r13: 0x0000000000000000 r14: 0x0000000000000000 r15: 0x0000000000000000 rip: 0x00000001099bb19c rfl: 0x0000000000000200 cr2: 0x0000000000000000 Logical CPU: 0 Error Code: 0x00000000 Trap Number: 0 Binary Images: 0x105bdc000 - 0x105cdcff7 +??? (0) <AB898262-B28C-3B3E-881C-31A6363FF1F6> (null) 0x1099ba000 - 0x109a04adf +??? (551.5) <CB9BFB56-4511-36F1-A546-891FF770C01C> (null) External Modification Summary: Calls made by other processes targeting this process: task_for_pid: 0 thread_create: 0 thread_set_state: 0 Calls made by this process: task_for_pid: 0 thread_create: 0 thread_set_state: 0 Calls made by all processes on this machine: task_for_pid: 332075 thread_create: 0 thread_set_state: 0 VM Region Summary: ReadOnly portion of Libraries: Total=1584K resident=0K(0%) swapped_out_or_unallocated=1584K(100%) Writable regions: Total=8408K written=0K(0%) resident=0K(0%) swapped_out=0K(0%) unallocated=8408K(100%) VIRTUAL REGION REGION TYPE SIZE COUNT (non-coalesced) =========== ======= ======= STACK GUARD 56.0M 2 Stack 8192K 2 __DATA 528K 5 __LINKEDIT 268K 4 __TEXT 1328K 3 shared memory 8K 3 =========== ======= ======= TOTAL 66.1M 13 Download link https://dl.cherpake.com/Remote-for-Mac-7962.pkg.zip

I have read the posted solution threads and am still stuck with solving this issue. I have created a python app that works perfect on my machine and I would like to distribute externally via .zip file. I have created a certificate and downloaded it (G2 Sub-CA (Xcode 11.4.1 or later)) Next i have installed the Çert into the login keychain along with the Matching G2 Intermediate Cert (in system) and the proper Root Cert. However I am still not getting a proper chain when evaluating the developer certificate and I am at a loss at this point. I would love to pay someone to simply walk me through it if anyone has some time to solve this problem with me so I can run the notarytool and then distribute my application. Thanks!

Hello, I cannot build a signed app that will both be accepted by Testflight and run locally. Only one or the other! I'm singing my .app and building the package thus: CODESIGN_ID="Apple Distribution: company (number)" INSTALLSIGN_ID="3rd Party Mac Developer Installer: company (number)" codesign --force --deep --entitlements plist.xcent -o runtime --timestamp --sign "$CODESIGN_ID" myapp.app productbuild --sign "$INSTALLSIGN_ID" --timestamp --component myapp.app /Applications myapp.pkg With entitlements: <?xml version="1.0" encoding="UTF-8"?> <plist version="1.0"> <dict> <key>com.apple.security.get-task-allow</key> <false/> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.network.client</key> <true/> <key>com.apple.security.files.user-selected.read-write</key> <true/> <key>com.apple.security.inherit</key> <true/> <key>com.apple.application-identifier</key> <string>TEAM.com.COMPANY.APPNAME</string> <key>com.apple.developer.team-identifier</key> <string>TEAM/string> </dict> </plist> If I leave out the last two entitlements "com.apple.application-identifier" and "com.apple.developer.team-identifier", the package validates and runs locally. It can be uploaded but it is NOT accepted by Testflight. When i add the last two entitlements (above), it will not validate until i also add in my provisioning profile into; myapp.app/Contents/embedded.provisionprofile When this is done, the package validates, uploads and is accepted by Testflight. It can be tested and runs. But, myapp.app will no longer run locally!! no will the local copy of myapp.pkg install. It will only run through Testflight or will run again if i take out the above keys that Testflight apparently requires. Can anyone shed any light on this? Am i doing something wrong. Thanks for any help.

I am managing provisioning profiles manually, including the one for my Notification Service Extension. I am wondering what happens if the provisioning profile for the Notification Service Extension expires. I have two types of apps: An App Store-distributed app An Enterprise-distributed app Can someone clarify how the expiration of the Notification Service Extension's provisioning profile affects both cases? Will the extension stop functioning, or will it continue to work normally?

We have a DriverKit entitlement for our USB driver. We now wish to use this same driver with a variant of our existing application. Of course this application has its own separate App ID and will be published in the App Store alongside our existing application. Will we need to go back to the well and ask Apple for another entitlement?

I am packaging an app with QtWebEngine in it, after codesign the app and the QtWebEngine Framework, the app can run properly. The codesign result is: valid on disk staisfies its Designated requirements Then I notarized and stapled the dmg file, after the dmg installed on Mac, gatekeeper still failed the check. Here is the result for spctl: spctl -a -t open -vvv --context context:primary-signatue Remote\ Graphics\ Workstation_.dmg Remote Graphics Workstation_.dmg: rejected source=Insufficient Context Need help to identify the codesign process and the root cause why gatekeeper fail here, thanks.

I just paid for 99$ a year and it's already 48hrs ago since I've paid. But when I click on my name it still says "Pending" and on the main landingpage on https://developer.apple.com/account it still says this "Purchase your membership. To continue your enrollment, complete your purchase now Your purchase may take up to 48 hours to process." Do I need a membership to codesign and notarising my VST plugins? Cause that'a what I bought it for.

Hello, I have this simulator made in Unity that I want to distribute as Standalone. It consists of launcher which, when users download it, downloads the game. I've built the launcher, got Developer ID Application certificate, added entitlements from: https://docs.unity3d.com/Manual/macoscodesigning.html#signing-identity I've signed the .app of the launcher and 2 dlls chatgpt recommended to sign, zipped it, notarized .zip successfully, stapled to .app and put it on Google Drive to test. I got my other MacBook Pro, downloaded the zip, tried to open it. It did open, but there is a black loading screen saying "0% progress, 0B/0B" indicating that it isn't downloading anything - no network calling. When checked using command xattr -l path/to/file.app I get the following output: com.apple.macl: @?????I???|???? com.apple.quarantine: 0083;67bf1a22;Safari;69764595-CA94-44D2-B679-A69DC4669382 There are some specifics I think are also important to mention. I tried to code-sign it, notarize it and staple it using only Terminal and I'd like to keep it that way because I am very unfamiliar with Mac so I've avoided using Xcode as much as possible I really want to avoid putting the simulator up on the App Store, so I must have Standalone solution and Standalone solution only I believe that there might be problem with needing right entitlements, but I don't know how to check which one's are needed for users to avoid using "xattr" command in terminal to allow the launcher to run because of GateKeeper I've been banging my head against the wall with this problem for over a month and I don't see the light at the end of the tunnel.

Hi guys, I got an error about mac notarization result return 132. here is the stack trace on the logs: 2025-02-25 02:53:55,503 ERROR [org.ecl.cbi.ws.mac.not.xcr.not.NotarytoolNotarizer] (macos-notarization-service-pool-thread-13) Error while parsing the output after the upload of '/tmp/macos-notarization-service/pending-files/myapplication.dmg' to the Apple notarization service: org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1; Premature end of file. at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:204) at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:178) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:400) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:327) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1465) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$PrologDriver.next(XMLDocumentScannerImpl.java:1013) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:605) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:542) at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:889) at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:825) at java.xml/com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141) at java.xml/com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1224) at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:637) at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl.parse(SAXParserImpl.java:326) at java.xml/javax.xml.parsers.SAXParser.parse(SAXParser.java:197) at org.eclipse.cbi.ws.macos.notarization.xcrun.common.PListDict.fromXML(PListDict.java:134) at org.eclipse.cbi.ws.macos.notarization.xcrun.notarytool.NotarytoolNotarizer.analyzeSubmissionResult(NotarytoolNotarizer.java:39) at org.eclipse.cbi.ws.macos.notarization.xcrun.common.NotarizationTool.upload(NotarizationTool.java:50) at org.eclipse.cbi.ws.macos.notarization.xcrun.common.Notarizer.lambda$uploadFailsafe$3(Notarizer.java:65) at net.jodah.failsafe.Functions.lambda$get$0(Functions.java:48) at net.jodah.failsafe.RetryPolicyExecutor.lambda$supply$0(RetryPolicyExecutor.java:66) at net.jodah.failsafe.Execution.executeSync(Execution.java:128) at net.jodah.failsafe.FailsafeExecutor.call(FailsafeExecutor.java:379) at net.jodah.failsafe.FailsafeExecutor.get(FailsafeExecutor.java:68) at org.eclipse.cbi.ws.macos.notarization.xcrun.common.Notarizer.uploadFailsafe(Notarizer.java:65) at org.eclipse.cbi.ws.macos.notarization.NotarizationService.lambda$notarize$0(NotarizationService.java:192) at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1768) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) at java.base/java.lang.Thread.run(Thread.java:840) Do you know why? If you have any thread or documents telling about the details of return values of the command: 'xcrun notarytool submit'

Hi, I had an issue when I notarized myapplication.dmg with Process 'xcrun notarytool submit' exited with value '132'. Do you know how to solve it? Do you have any explanation about the response value when we execute 'xcrun notarytool submit'? Thank you very much! 2025-02-25 09:36:18,182 ERROR [org.ecl.cbi.ws.mac.not.xcr.not.NotarytoolNotarizer] (macos-notarization-service-pool-thread-14) Error while parsing the output after the upload of '/tmp/macos-notarization-service/pending-files/myapplication.dmg' to the Apple notarization service: org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1; Premature end of file. at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:204) at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:178) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:400) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:327) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1465) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$PrologDriver.next(XMLDocumentScannerImpl.java:1013) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:605) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:542) at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:889) at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:825) at java.xml/com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141) at java.xml/com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1224) at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:637) at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl.parse(SAXParserImpl.java:326) at java.xml/javax.xml.parsers.SAXParser.parse(SAXParser.java:197) at org.eclipse.cbi.ws.macos.notarization.xcrun.common.PListDict.fromXML(PListDict.java:134) at org.eclipse.cbi.ws.macos.notarization.xcrun.notarytool.NotarytoolNotarizer.analyzeSubmissionResult(NotarytoolNotarizer.java:39) at org.eclipse.cbi.ws.macos.notarization.xcrun.common.NotarizationTool.upload(NotarizationTool.java:50) at org.eclipse.cbi.ws.macos.notarization.xcrun.common.Notarizer.lambda$uploadFailsafe$3(Notarizer.java:65) at net.jodah.failsafe.Functions.lambda$get$0(Functions.java:48) at net.jodah.failsafe.RetryPolicyExecutor.lambda$supply$0(RetryPolicyExecutor.java:66) at net.jodah.failsafe.Execution.executeSync(Execution.java:128) at net.jodah.failsafe.FailsafeExecutor.call(FailsafeExecutor.java:379) at net.jodah.failsafe.FailsafeExecutor.get(FailsafeExecutor.java:68) at org.eclipse.cbi.ws.macos.notarization.xcrun.common.Notarizer.uploadFailsafe(Notarizer.java:65) at org.eclipse.cbi.ws.macos.notarization.NotarizationService.lambda$notarize$0(NotarizationService.java:192) at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1768) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) at java.base/java.lang.Thread.run(Thread.java:840)

I have an existing Xcode project that I am trying to add MusicKit to, but for some reason I am unable to. I have logged into my developer account, and ticked off the MusicKit checkbox under the Services tab of my app in the Certificates, Identifiers & Profiles section. In Xcode I have Automatically manage signing set to true. But MusicKit does not show up as a Capability, neither in the list of capabilities in my app, nor when trying to add it with the +Capability button. I have done this successfully before with Game Center, so I really do not understand why this does not work with MusicKit. Any ideas as to how this can be solved?

Hello, I have a problem signing the application. I'm trying to sign 3rd Party Mac Developer Installer, but it says Invalid: ➜ Desktop productbuild --component TechView.app /Applications --sign "3rd Party Mac Developer Installer: KARLOS KORTES ()" --product TechView.app/Contents/Info.plist TechView.pkg productbuild: Adding component at /Users/wildwolf/Desktop/TechView.app productbuild: Signing product with identity "3rd Party Mac Developer Installer: KARLOS KORTES ()" from keychain /Users/wildwolf/Library/Keychains/login.keychain-db productbuild: Adding certificate "Apple Worldwide Developer Relations Certification Authority" productbuild: Adding certificate "Apple Root CA" productbuild: Wrote product to TechView.pkg productbuild: Supported OS versions: [Min: 10.13, Before: None] ➜ Desktop xcrun notarytool submit TechView.pkg --key /Users/wildwolf/Desktop/AuthKey_26Z7J3RBZQ.p8 --key-id 26Z7J3RBZQ --issuer 2af626b1-ffca-4ec1-b9d0-cb1bbdc94742 --wait Conducting pre-submission checks for TechView.pkg and initiating connection to the Apple notary service... Submission ID received id: 3cbfd59c-69a9-42e9-8fd9-074aee705ab9 ^Rload progress: 60.47 % (33.4 MB of 55.2 MB) ^Rload progress: 61.49 % (33.9 MB of 55.2 MB) Upload progress: 100.00 % (55.2 MB of 55.2 MB) Successfully uploaded file id: 3cbfd59c-69a9-42e9-8fd9-074aee705ab9 path: /Users/wildwolf/Desktop/TechView.pkg Waiting for processing to complete. Current status: Invalid...................... Processing complete id: 3cbfd59c-69a9-42e9-8fd9-074aee705ab9 status: Invalid When I sign the Developer ID Installer, everything goes well: ➜ Desktop productbuild --component TechView.app /Applications --sign "Developer ID Installer: KARLOS KORTES ()" --product TechView.app/Contents/Info.plist TechView.pkg productbuild: Adding component at /Users/wildwolf/Desktop/TechView.app productbuild: Using timestamp authority for signature productbuild: Signing product with identity "Developer ID Installer: KARLOS KORTES ()" from keychain /Users/wildwolf/Library/Keychains/login.keychain-db productbuild: Adding certificate "Developer ID Certification Authority" productbuild: Adding certificate "Apple Root CA" productbuild: Wrote product to TechView.pkg productbuild: Supported OS versions: [Min: 10.13, Before: None] ➜ Desktop xcrun notarytool submit TechView.pkg --key /Users/wildwolf/Desktop/AuthKey_26Z7J3RBZQ.p8 --key-id 26Z7J3RBZQ --issuer 2af626b1-ffca-4ec1-b9d0-cb1bbdc94742 --wait Conducting pre-submission checks for TechView.pkg and initiating connection to the Apple notary service... Submission ID received id: ad1ecc74-5445-43e1-9d45-30b14f0e7132 Upload progress: 100.00 % (55.2 MB of 55.2 MB) Successfully uploaded file id: ad1ecc74-5445-43e1-9d45-30b14f0e7132 path: /Users/wildwolf/Desktop/TechView.pkg Waiting for processing to complete. Current status: Accepted........................ Processing complete id: ad1ecc74-5445-43e1-9d45-30b14f0e7132 status: Accepted Certificates in the system: ➜ Desktop security find-identity -p codesigning -v E6E85E18DB601386F0B6DCDBA728D31BAD2A19F2 "Apple Development: KARLOS KORTES (**************)" 3CC85A4F196339D3B23DF6A5D2519F427D89BA75 "Apple Distribution: KARLOS KORTES (**************)" 351BA454290A9ACAC14DC3D7B3491BAF81CD4CA1 "Developer ID Application: KARLOS KORTES (**************)" 3 valid identities found ➜ Desktop security find-identity -p codesigning -v E6E85E18DB601386F0B6DCDBA728D31BAD2A19F2 "Apple Development: KARLOS KORTES (**************)" 3CC85A4F196339D3B23DF6A5D2519F427D89BA75 "Apple Distribution: KARLOS KORTES (**************)" 351BA454290A9ACAC14DC3D7B3491BAF81CD4CA1 "Developer ID Application: KARLOS KORTES (**************)" 3 valid identities found ➜ Desktop security find-identity -p basic -v B7D14C5A225C2D08A78F10801DF5FBD600F41977 "3rd Party Mac Developer Installer: KARLOS KORTES (**************)" (CSSMERR_TP_CERT_REVOKED) 1F4AB0AE48760BA22F17AFB1E488D7A5F3AA1C72 "3rd Party Mac Developer Installer: KARLOS KORTES (**************)" E6E85E18DB601386F0B6DCDBA728D31BAD2A19F2 "Apple Development: KARLOS KORTES (**************)" 3CC85A4F196339D3B23DF6A5D2519F427D89BA75 "Apple Distribution: KARLOS KORTES (**************)" 036AB7D7CD8862B5C6EA2B759ADB69E88C3B9F30 "Developer ID Installer: KARLOS KORTES (**************)" 351BA454290A9ACAC14DC3D7B3491BAF81CD4CA1 "Developer ID Application: KARLOS KORTES (**************)" 6 valid identities found What have I tried already, reinstalled, deleted, added new certificates, but the signature with 3rd Party Mac Developer Installer does not work, what am I doing wrong?

I am working on releasing my macOS arm64 app. My problem is that after the user downloads the dmg, double-clicking my.app in the dmg, a Gatekeeper pop-up box will appear with a warning that the developer cannot be verified. Question: Can an application signed with "com.apple.security.cs.disable-library-validation" be published as trusted? If yes, what steps have I missed? If not, can I get an official response from Apple? （Because I referred to this post, it seems to mention that it is possible to publish trusted software.I have looked up similar questions on the forum and tried many things, but nothing works. ） Here are my steps: Use the codesign to sign my.app. Because my app needs to access third-party dynamic libraries, entitlements.plist contains a "com.apple.security.cs.disable-library-validation". After the "codesign -dvvv" check, the signature was successful.✅ Use the "xcrun notarytool" command to notarize my app, and the status is displayed as accepted.✅ Use "xcrun stapler staple" to attach the notarization to my app, and it returns success.✅ Use the "spctl -a -v " command to verify whether my app has passed Gatekeeper, and it returns that it has passed.✅ Then I packaged my.app into a dmg, and then attached the notarization mark to the dmg, which was successful.✅ I completed the above steps and distributed the dmg. When I downloaded the dmg as a user test and double-clicked my.app in it, the Gatekeeper pop-up box still appeared, and the developer cannot be verified.❌

Hi Team, I have created multiple certificates for macOS application. Below are the certificates created- Apple Development Certificate DeveloperID Installer Certificate Apple Distribution Certificate others certificates Later, I have imported the all these above certificates in keychain-access. Now, I tried to compile the code through Xcode. I am getting error for code signing certificate. Warning: unable to build chain to self-signed root for signer "Apple Development: Amit (M2WMF2YERI)” .... Command CodeSign failed with a nonzero exit code When I checked the TeamID of User(Amit) I can see that his current TeamID is [P8ZW3W9R2Q]. There is mismatch of teamID in apple development certificate generation. Note- All certificates are generated with current TeamID[P8ZW3W9R2Q] of user (Amit) except Apple Development certificate which has been generated with TeamID [M2WMF2YERI] which is generated with old TeamID of user (Amit). I attempted to generate the apple development certificate multiple times but it is getting generated with old TeamID TeamID[M2WMF2YERI] of user(Amit)
 Summary- While creating a developer certificate using apple developer account and mapping it in keychain, the certificate is being generated with old apple account details (Inactive) instead of the current one. This is causing issues when using the certificate in keychain. If anyone has encountered this issue, how it was resolved?
 Thanks

I’m developing an app on .NET8 for macOS and encountered an issue during App Review with feedback: "An error showed upon launch. The app cannot be opened because the developer cannot be verified. This may be due to an issue with your app’s Gatekeeper conformance." Additionally, the provided screenshot showed this message: "Application is damaged and can't be opened. Delete and reinstall from App Store." Here’s the process I follow to create the package: Build the application. Sign it using the following command: codesign --force --verify --verbose --deep --options runtime --timestamp --entitlements ../Entitlements.plist -s '3rd Party Mac Developer Application: [ID]' Demo.app Create the package using this command: productbuild --component Demo.app /Applications --sign '3rd Party Mac Developer Installer: [ID]' Demo.pkg After installing the app from TestFligt it doesn’t show the errors. Could someone please advise on what might be causing this issue and how I can fix it? The Entitlements.plist file contains the following keys and values: <key>com.apple.application-identifier</key> <string>[ID].com.demo.appc</string> <key>com.apple.developer.team-identifier</key> <string>[ID]</string> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.files.user-selected.read-write</key> <true/> <key>com.apple.security.network.client</key> <true/> <key>com.apple.security.files.bookmarks.app-scope</key> <true/> <key>com.apple.security.cs.allow-jit</key> <true/> <key>com.apple.security.cs.allow-unsigned-executable-memory</key> <true/> <key>com.apple.security.cs.allow-dyld-environment-variables</key> <true/> <key>com.apple.security.cs.disable-library-validation</key> <true/> The project file snippet includes the following configuration for the release build: <OutputPath>bin\Release</OutputPath> <Optimize>true</Optimize> <NoStdLib>true</NoStdLib> <UseSGen>false</UseSGen> <UseRefCounting>false</UseRefCounting> <TlsProvider>Default</TlsProvider> <PublishTrimmed>true</PublishTrimmed> <TrimMode>partial</TrimMode> <RunAOTCompilation>false</RunAOTCompilation> <EnablePackageSigning>true</EnablePackageSigning> <CodeSigningKey>3rd Party Mac Developer Application:[ID] </CodeSigningKey> <EnableCodeSigning>True</EnableCodeSigning> <CreatePackage>false</CreatePackage> <PackageSigningKey>3rd Party Mac Developer Installer:[ID] </PackageSigningKey> <Profiling>false</Profiling> <CodeSignProvision>provfile</CodeSignProvision> <CodeSignEntitlements>Entitlements.plist</CodeSignEntitlements> <LangVersion>default</LangVersion>

CodeSign /Users/abc007/Library/Developer/Xcode/DerivedData/App-fjztkcxqsstohgfvqdfnedgpwltj/Build/Intermediates.noindex/ArchiveIntermediates/App/InstallationBuildProductsLocation/Applications/App.app (in target 'App' from project 'App') cd /Users/abc007/Documents/WorkSpace/RegulusIT/Release_Oct_2024/UI\ Backup/ios/App Signing Identity: "Apple Development: Yatin Ghat (JS84GYN3O4)" Provisioning Profile: "iOS Team Provisioning Profile: www.rightschool.net" (bdc0759d-b9d0-4470-8e3f-b5b67d3c2586) /usr/bin/codesign --force --sign 82C0E5904219E333688CE627A21522F732446038 --entitlements /Users/abc007/Library/Developer/Xcode/DerivedData/App-fjztkcxqsstohgfvqdfnedgpwltj/Build/Intermediates.noindex/ArchiveIntermediates/App/IntermediateBuildFilesPath/App.build/Release-iphoneos/App.build/App.app.xcent --generate-entitlement-der /Users/abc007/Library/Developer/Xcode/DerivedData/App-fjztkcxqsstohgfvqdfnedgpwltj/Build/Intermediates.noindex/ArchiveIntermediates/App/InstallationBuildProductsLocation/Applications/App.app /Users/abc007/Library/Developer/Xcode/DerivedData/App-fjztkcxqsstohgfvqdfnedgpwltj/Build/Intermediates.noindex/ArchiveIntermediates/App/InstallationBuildProductsLocation/Applications/App.app: errSecInternalComponent Command CodeSign failed with a nonzero exit code

I'm about at my wit's end trying to figure out why I can sign and notarize code, but am unable to staple the notarization, no matter what I do. I've reinstalled Xcode, reinstalled certificates, and tried about every suggestion that I can find, but still no luck. 2023 M3 MacBook Pro, OS X 15.3.1, Xcode 16.2. I have created a very basic Xcode app to test this with. I am building the project: codegen generate && xcodebuild -project SimpleNotarizationTest.xcodeproj -scheme SimpleNotarizationTest -configuration Release clean build (see attached file for build log) build-log.txt The signature and entitlements verify: codesign -d --entitlements :- ~/Library/Developer/Xcode/DerivedData/SimpleNotarizationTest-*/Build/Products/Release/SimpleNotarizationTest.app Output: Executable=/Users/minter/Library/Developer/Xcode/DerivedData/SimpleNotarizationTest-ecqihdiubptfnldimmjgnqpjr xun/Build/Products/Release/SimpleNotarizationTest.app/Contents/MacOS/SimpleNotarizationTest warning: Specifying ':' in the path is deprecated and will not work in a future release <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "https://www.apple .com/DTDs/PropertyList-1.0.dtd"><plist version="1.0"><dict><key>com.apple.security.app-sandbox</key><true/><k ey>com.apple.security.files.user-selected.read-only</key><true/></dict></plist> I created a zip file: ditto -c -k --keepParent ~/Library/Developer/Xcode/DerivedData/SimpleNotarizationTest-*/Build/Products/Release/SimpleNotarizationTest.app SimpleNotarizationTest.zip I submitted the app for notarization and it was approved: xcrun notarytool submit SimpleNotarizationTest.zip --apple-id "$APPLE_ID" --password "$APPLE_APP_SPECIFIC_PASSWORD" --team-id "$APPLE_TEAM_ID" --wait Output: Conducting pre-submission checks for SimpleNotarizationTest.zip and initiating connection to the Apple notary service... Submission ID received id: d2c0d6b0-cd55-4fa6-b958-09767d562a33 Upload progress: 100.00% (23.6 KB of 23.6 KB) Successfully uploaded file id: d2c0d6b0-cd55-4fa6-b958-09767d562a33 path: /Users/minter/tmp/simple-app-stapling/SimpleNotarizationTest.zip Waiting for processing to complete. Current status: Accepted......... Processing complete id: d2c0d6b0-cd55-4fa6-b958-09767d562a33 status: Accepted I attempt to staple the app: xcrun stapler staple -v ~/Library/Developer/Xcode/DerivedData/SimpleNotarizationTest-*/Build/Products/Release/SimpleNotarizationTest.app And it fails. See verbose stapling log. verbose-stapling-log.txt The top line is that it finds and downloads the ticket, but can't/won't staple. Downloaded ticket has been stored at file:///var/folders/dd/cgm9_v3n399_zqqsphgzs5jh0000gn/T/1b7cb7d8-9a9e-462c-831b-09de1b896d9e.ticket. Could not validate ticket for /Users/minter/Library/Developer/Xcode/DerivedData/SimpleNotarizationTest-ecqihdiubptfnldimmjgnqpjrxun/Build/Products/Release/SimpleNotarizationTest.app The staple and validate action failed! Error 65. Wade-Minter~/tmp/simple-app-stapling(:|✔) % From my debugging, I can say: The code signature appears valid and includes a secure timestamp from Feb 23, 2025 The app is properly signed with Developer ID Application The notarization ticket is being successfully retrieved from Apple's servers (as shown in the verbose output) The ticket is being downloaded to a temporary location, but the stapler is failing to validate it with error 65 The app bundle structure appears complete with all required components The CDHash matches between the code signature and the notarization ticket: 604544b32d7074dd77e2e6f2070f6e2d41f6368d If I run: spctl -a -vv ~/Library/Developer/Xcode/DerivedData/SimpleNotarizationTest-*/Build/Products/Release/SimpleNotarizationTest.app The output is: Wade-Minter~/tmp/simple-app-stapling(:|✔) % spctl -a -vv ~/Library/Developer/Xcode/DerivedData/SimpleNotarizationTest-*/Build/Products/Release/SimpleNotaspctlionTest.app /Users/minter/Library/Developer/Xcode/DerivedData/SimpleNotarizationTest-ecqihdiubptfnldimmjgnqpjrxun/Build/Products/Release/SimpleNotarizationTest.app: rejected source=Unnotarized Developer ID origin=Developer ID Application: Fourth Line LLC (6U2KJ5KDT4) To summarize: The app is being recognized as "Unnotarized Developer ID" despite successful notarization The stapler is able to retrieve the ticket but fails during validation The error code 65 consistently appears during stapling attempts All code signing and bundle integrity checks pass The notarization ticket is being successfully downloaded but not successfully attached Any insight will be appreciated, since I've exhausted every option that I can find.

I have a .NET 6 application that runs in the background. The installer is a .pkg file built using a third-party tool called "Packages". All .dylib and executable files are codesigned before packaging. The resulting .pkg file is notarized. The app uses these entitlements: com.apple.security.cs.allow-jit com.apple.security.cs.allow-unsigned-executable-memory com.apple.security.cs.allow-dyld-environment-variables com.apple.security.cs.disable-library-validation The app is built on a macbook Air 2015 running macOS 12.6 and it works without issues on that machine. On a macbook Pro M3 running macOS 14.6.1 the app fails to run even though the installation itself is successful. The only logs that I was able to find are related to syspolicyd (4 warnings): Unable to apply protection to app: 45, PST: (vuid: A78FF6C2-08D5-4DCC-B946-8836251AA0E7), (objid: 1873967), (team: (null)), (id: (null)), (bundle_id: (null)) Failed to register app bundle for protection: 45, PST: (vuid: A78FF6C2-08D5-4DCC-B946-8836251AA0E7), (objid: 1873967), (team: (null)), (id: (null)), (bundle_id: (null)) scan failed, finishing evaluation : PST: (vuid: A78FF6C2-08D5-4DCC-B946-8836251AA0E7), (objid: 1873967), (team: (null)), (id: (null)), (bundle_id: (null)) Terminating process due to Gatekeeper rejection: 95158, Unfortunately, verification commands such as sudo codesign --verify --deep --strict -vvv MyApplication.App spctl -a -vvv -t install MyApplicationInstaller.pkg do not indicate any issues. Are there any additional steps that need to be performed in order for my app to work properly on newer machines?