we are trying to build MacOS Desktop app using electron code sign-in and notarization has completed basically it is angular application but still unable to open the desktop app getting below error pop-up : screenshot of it. CrashReporter Key: XXXX-XXXX-XXXX-XXXX-XXXX Hardware Model: MacBook Pro (Obfuscated) Process: xnode [5798] Path: /Applications/[App Path]/Contents/MacOS/xnode Identifier: ai.xnode.xnode Version: 1.0.0 (1.0.0.43313) Code Type: X86-64 (Native) Role: Default Parent Process: launchd [1] Coalition: ai.xnode.xnode [5056] Date/Time: [Redacted for Privacy] OS Version: macOS 14.6.1 (23G93) Release Type: User Report Version: 104 Exception Type: EXC_CRASH (SIGKILL (Code Signature Invalid)) Exception Codes: 0x0000000000000000, 0x0000000000000000 Termination Reason: CODESIGNING 1 Taskgated Invalid Signature Triggered by Thread: 0 Thread 0 Crashed: 0 dyld_path_missing 0x10dbb4010 _dyld_start + 0 1 main_executable_path_missing 0x10b395000 ??? Thread 0 crashed with X86 Thread State (64-bit): rax: 0x0000000000000000 rbx: 0x0000000000000000 rcx: 0x0000000000000000 rdx: 0x0000000000000000 rdi: 0x0000000000000000 rsi: 0x0000000000000000 rbp: 0x0000000000000000 rsp: 0x00007ff7b4b6abf8 rip: 0x000000010dbb4010

I am working on releasing my macOS arm64 app. My problem is that after the user downloads the dmg, double-clicking my.app in the dmg, a Gatekeeper pop-up box will appear with a warning that the developer cannot be verified. Question: Can an application signed with "com.apple.security.cs.disable-library-validation" be published as trusted? If yes, what steps have I missed? If not, can I get an official response from Apple? （Because I referred to this post, it seems to mention that it is possible to publish trusted software.I have looked up similar questions on the forum and tried many things, but nothing works. ） Here are my steps: Use the codesign to sign my.app. Because my app needs to access third-party dynamic libraries, entitlements.plist contains a "com.apple.security.cs.disable-library-validation". After the "codesign -dvvv" check, the signature was successful.✅ Use the "xcrun notarytool" command to notarize my app, and the status is displayed as accepted.✅ Use "xcrun stapler staple" to attach the notarization to my app, and it returns success.✅ Use the "spctl -a -v " command to verify whether my app has passed Gatekeeper, and it returns that it has passed.✅ Then I packaged my.app into a dmg, and then attached the notarization mark to the dmg, which was successful.✅ I completed the above steps and distributed the dmg. When I downloaded the dmg as a user test and double-clicked my.app in it, the Gatekeeper pop-up box still appeared, and the developer cannot be verified.❌

I’m developing an app on .NET8 for macOS and encountered an issue during App Review with feedback: "An error showed upon launch. The app cannot be opened because the developer cannot be verified. This may be due to an issue with your app’s Gatekeeper conformance." Additionally, the provided screenshot showed this message: "Application is damaged and can't be opened. Delete and reinstall from App Store." Here’s the process I follow to create the package: Build the application. Sign it using the following command: codesign --force --verify --verbose --deep --options runtime --timestamp --entitlements ../Entitlements.plist -s '3rd Party Mac Developer Application: [ID]' Demo.app Create the package using this command: productbuild --component Demo.app /Applications --sign '3rd Party Mac Developer Installer: [ID]' Demo.pkg After installing the app from TestFligt it doesn’t show the errors. Could someone please advise on what might be causing this issue and how I can fix it? The Entitlements.plist file contains the following keys and values: <key>com.apple.application-identifier</key> <string>[ID].com.demo.appc</string> <key>com.apple.developer.team-identifier</key> <string>[ID]</string> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.files.user-selected.read-write</key> <true/> <key>com.apple.security.network.client</key> <true/> <key>com.apple.security.files.bookmarks.app-scope</key> <true/> <key>com.apple.security.cs.allow-jit</key> <true/> <key>com.apple.security.cs.allow-unsigned-executable-memory</key> <true/> <key>com.apple.security.cs.allow-dyld-environment-variables</key> <true/> <key>com.apple.security.cs.disable-library-validation</key> <true/> The project file snippet includes the following configuration for the release build: <OutputPath>bin\Release</OutputPath> <Optimize>true</Optimize> <NoStdLib>true</NoStdLib> <UseSGen>false</UseSGen> <UseRefCounting>false</UseRefCounting> <TlsProvider>Default</TlsProvider> <PublishTrimmed>true</PublishTrimmed> <TrimMode>partial</TrimMode> <RunAOTCompilation>false</RunAOTCompilation> <EnablePackageSigning>true</EnablePackageSigning> <CodeSigningKey>3rd Party Mac Developer Application:[ID] </CodeSigningKey> <EnableCodeSigning>True</EnableCodeSigning> <CreatePackage>false</CreatePackage> <PackageSigningKey>3rd Party Mac Developer Installer:[ID] </PackageSigningKey> <Profiling>false</Profiling> <CodeSignProvision>provfile</CodeSignProvision> <CodeSignEntitlements>Entitlements.plist</CodeSignEntitlements> <LangVersion>default</LangVersion>

I am developling a electron app, failed when notarize. I filled in 3 fields: appleId: my apple account email apple id password: I generated it from https://account.apple.com/account/manage/section/security, the "app-specific password" team id: I get it from https://developer.apple.com/account How can I fix it? Log: { "logFormatVersion": 1, "jobId": "7bedcb38-5ca7-4d69-be96-1bd660b67942", "status": "Rejected", "statusSummary": "Team is not yet configured for notarization. Please contact Developer Programs Support at developer.apple.com under the topic Development and Technical / Other Development or Technical Questions.", "statusCode": 7000, "archiveFilename": "Samira.zip", "uploadDate": "2024-12-04T11:34:01.999Z", "sha256": "e9cea98493836dfd4c238a25e6d8dae31ed529ed353d4f8463313ee3d431c741", "ticketContents": null, "issues": null }

Hi there I'm having issues signing my app after the app was transfered to my account. This is what I did (in order) and what is happening. Accepted the transfer Updated som code Tried to update the old app with the new app on a test device. This failed with the message Upgrade's application-identifier entitlement string (..DKG.dk..) does not match installed application's application-identifier string (...3ZG.dk..); rejecting upgrade. Added the required entitlements file to XCode to reflect both teams. Now signing fails with the error Provisioning profile "iOS Team Provisioning Profile: ...hyp..." doesn't include the previous-application-identifiers entitlement. Requested a new profile from Apple but got rejected What do I do now? Thanks

Hello, I'm new at developing an ios app, but I have created a basic app, I plan to use just for me using xcode and the language swift. I intend to use this app, to display a video and images on ipads that will be used as KIOS on a trade show. I don't need this app to be published on the app store as I intend to use it solely for my use. Is there a way I can do something like this that won't be restricted with the 10 days restriction? I learned xcode/swift as little as I could to create the app, but now I'm limited to the 10 days, and only 3 devices. Is there a way I can create an offline app, that doesn't have the all the restrictions? I plan to use these ipads over and over again on tradeshows to display my work.

Trying to notarise a small VST3 application, but get the "invalid" status. Chrcked the logfile, and there are a few issues there. How should I resolve this? { "logFormatVersion": 1, "jobId": "4438fc34-4900-4302-bf2f-dd2336f44b89", "status": "Invalid", "statusSummary": "Archive contains critical validation errors", "statusCode": 4000, "archiveFilename": "Abandoned Beta 4.vst3.zip", "uploadDate": "2024-12-07T10:22:59.950Z", "sha256": "25457e4fd6e7eae72e8a892e468cef916d173f2fb30d2156d8ff72e33d0f4fe3", "ticketContents": null, "issues": [ { "severity": "error", "code": null, "path": "Abandoned Beta 4.vst3.zip/Abandoned Beta 4.vst3/Contents/MacOS/Abandoned Beta 4", "message": "The binary is not signed.", "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087721", "architecture": "x86_64" }, { "severity": "error", "code": null, "path": "Abandoned Beta 4.vst3.zip/Abandoned Beta 4.vst3/Contents/MacOS/Abandoned Beta 4", "message": "The signature does not include a secure timestamp.", "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087733", "architecture": "x86_64" }, { "severity": "error", "code": null, "path": "Abandoned Beta 4.vst3.zip/Abandoned Beta 4.vst3/Contents/MacOS/Abandoned Beta 4", "message": "The signature of the binary is invalid.", "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735", "architecture": "arm64" }, { "severity": "error", "code": null, "path": "Abandoned Beta 4.vst3.zip/Abandoned Beta 4.vst3/Contents/MacOS/Abandoned Beta 4", "message": "The signature does not include a secure timestamp.", "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087733", "architecture": "arm64" } ] }

What is the actual ASN.1 structure of the DER encoded entitlements used for iOS and MacOS applications? You can see a sample output at 'The Future is DER', but is there any official documentation or definition?

I got a error when validate App as flow Asset validation failed App sandbox not enabled. The following executables must include the "com.apple.security.app-sandbox" entitlement with a Boolean value of true in the entitlements property list: [( "com.***.yyy.pkg/Payload/***.app/Contents/MacOS/zzz" )] Refer to App Sandbox page at https://developer.apple.com/documentation/security/app_sandbox for more information on sandboxing your app. (ID: dc264017-f236-4e89-a100-e69c7f0fb318) zzz is a command tool build by make, I need codesign it. #1. use two lines below, run succes, but get 'App sandbox not enabled' problem codesign -s "TTT1" -f -v --timestamp --options runtime dist/m_arm64/zzz codesign -s "TTT1" -f -v --timestamp --options runtime dist/m_x64/zzz #2. use two lines below, reduce 'App sandbox not enabled' , but run zzz get 'zsh: trace trap' codesign -s "TTT2" -o runtime --entitlements zzz.entitlements -f dist/debug/zzz codesign -s "TTT2" -o runtime --entitlements zzz.entitlements -f dist/debug/zzz lipo -create dist/m_arm64/zzz dist/m_x64/zzz -output dist/zzz lipo -archs dist/zzz otool -L dist/zzz the zzz.entitlements content is the Info.plist embedded in zzz is #codesign both success codesign -d -vvv ./zzz #use method 2, the sandbox poblem ok codesign --display --entitlements - ./zzz why when codesign with entitlements, the zzz cant run success? if I upload to appstore, the client will get the zsh error? Has anyone encountered this kind of problem before? Reference: https://developer.apple.com/documentation/xcode/embedding-a-helper-tool-in-a-sandboxed-app

Hello, I am on maxOS 14.6 and I developed a C++ application for macOS with graphical-user interface by using wxWidgets. The .app application bundle is built correctly and the application runs. Now I would like to sign it to get it notarized. I get the following error sudo codesign -vvv --deep --strict MyApp.app/Contents/MacOS/MyApp MyApps.app/Contents/MacOS/MyApp: code has no resources but signature indicates they must be present If I check the signature I get % pkgutil --check-signature MyApp.app Package "MyApp": Status: package is invalid (checksum did not verify) How may I fix this? Thank you!

After sending the app archive to apple notarization services, I received the following error: "The signature of the binary is invalid". This error is shown for both the arm64 and x86_64 builds of the app. Some details about the project: I have been able to notarize the app in the past, with the latest successful notarization at the start of October. The organization does have a valid developer membership. The app has no new dependencies since the last successful notarization. The project uses automatic managed signing (no visible errors in xcode). What has changed in app and development environment since the last notarization: Updated macOS to macOS 15. Updated to use new Xcode version (16) The organizations membership did expire for a bit, but is now valid. Changed apps target macOS version from 12.3 -> 13.5. What I've tried to debug / resolve this issue: Clean build folder and re-create archive. Waiting a period of time and retrying the notarization. Toggling 'automatic managed signing' off and on. Tried to look through profiles, provisions, certs to see any issues. Debug the issue with 'codesign -vvv --deep --strict /path/to/binary/or/bundle' CLI command (output said binary was valid). (https://developer.apple.com/documentation/security/resolving-common-notarization-issues) Going back to last successful notarized commit and re-notarizing from that point, but that failed as well (changed version number). Reverted a change of increasing the target macOS version (12.3 -> 13.5). Compare failed notarization app's info.plist to previous info.plist for any obvious errors. I tried to install the previous Xcode version, but it seems to be incompatible with macOS 15. Tried looking online for any other options, but only found a couple similar issues and the suggestions I already tried. I can provide further information if needed.

Hi, I am a long time programmer in C#, and newer to Rust, and a rookie to MacOS 15.1. Over the past few days I have made numerous attempts to run a Rust GUI binary that I compiled on Mac. Here are some examples of things I have tried using. Executable compiled in M1 mac not running on Apple Silicon Mac - help - The Rust Programming Language Forum And here.... How to run unsigned apps in macOS 15.1 Also here... "sudo spctl --master-disable" There are many more that I have tried. I also tried moving the binary from my developer folder to the Application folder and running.... xattr -r -d com.apple.quarantine /Applications/csv Note that "csv" is the name of my binary. You have probably seen this 100 times, so can you point me to me to something that allows my Rust binaries to run under MacOS? PS The Rust program code works just fine under Linux. I can either type Cargo Run and run the binary from the Terminal or go directly to the executable and double click on it to open the GUI application. The only thing that MacOS lets me do it open the GUI from the Terminal. Commander One says that I do not have the proper credentials to open the file directly. Finder also does not allow me to open the binary directly. Thanks, Jim

Hello, I can see this option in my certificate on the developer.apple.com platform. The entitlements file is updated with: com.apple.developer.proximity-reader.payment.acceptance code-block I’ve created a new profile for development and App Store, but in Release mode, my profile is not recognized… What configuration might be missing?

App is built using jdk21, jpackage to create dmg, pulls in the needed jre. Been working fine until about a week ago when notarize start failing bad signing, which when examined it's complaining modified files - a handful of jre license and copyright text files. DMGs built, signed and notarised successfully are now failing codesign verification. Has a macOS 15.1.1 release or Xcode 16.1 patched something, is there new behaviour to be aware of plse?

Hello, I have been implementing faceID authentication using LocalAuthentication, and I've noticed that if i use swift 5 this code compiles but when i change to swift 6 it gives me a crash saying this compile error: i have just created this project for this error purpose so this is my codebase: import LocalAuthentication import SwiftUI struct ContentView: View { @State private var isSuccess: Bool = false var body: some View { VStack { if isSuccess { Text("Succed") } else { Text("not succeed") } } .onAppear(perform: authenticate) } func authenticate() { let context = LAContext() var error: NSError? if context.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &amp;error) { let reason = "We need to your face to open the app" context.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, localizedReason: reason) { sucexd, error in if sucexd { let success = sucexd Task { @MainActor [success] in isSuccess = success } } else { print(error?.localizedDescription as Any) } } } else { print(error as Any) } } } #Preview { ContentView() } also i have tried to not use the task block and also gives me the same error. i think could be something about the LAContext NSObject that is not yet adapted for swift 6 concurrency? also i tried to set to minimal but is the same error Im using xcode 16.1 (16B40) with M1 using MacOS Seqouia 15.0.1 Help.

I applied for the Family Controls (Distribution) entitlement on November 22nd. But I never received a confirmation email after I submitted the request. I then reached out to support who said they would check with the internal team to at least confirm if I had applied. It's now been 20 days and I have received no updates on the status of my application. This entitlement is existential to my app and I have been completely blocked while waiting for this as I can't even distribute the app on TestFlight. I've considered reapplying again just to be safe, but I am worried that might make things worse. I am a bootstrapped solo founder, and a prolonged delay (or outright denial) of this entitlement would be devastating to me. Does anyone have any advice on where to go from here?

A few weeks ago I requested the subject entitlement. I'm still waiting for it to be added to our account. Who or how can I find out what going on with it. I have no correspondence from Apple yet saying it was denied and why. https://developer.apple.com/documentation/bundleresources/entitlements/com.apple.developer.persistent-content-capture?language=objc Thank you.

I built Mac app with Electron-forge and sign and notarize my app with Developer ID Application Certification and @electron/osx-sign, @electron/notarize module. I built my app on macOS Sonoma 14.7. Then I ran the built app on other mac with "App Store and identified developers" Gatekeeper of macOS version 12.7.3 And it worked well. But when I ran it on another mac PC of macOS Sonoma 14.4.1, it said my app is damaged. Why does it happen and How can I solve this issue?

I currently manually resign my application for distribution. Until recently I haven't had any issues with the provisioning profile which I place inside the bundle. However, I just got the following message from the store: ITMS-91109: Invalid package contents - The package contains one or more files with the com.apple.quarantine extended file attribute. The file it is referring to is: Contents/embedded.provisionprofile When I check the xattr on the provisionprofile I see the following line: com.apple.quarantine: 0081;675c6072;Chrome; So it seems like the provisionprofile I have downloaded from developer.apple.com has this attribute set. Any insights on how to properly deal with this submission issue?

No matter how many times I download what seems to be a cert for Mac App Distribution Certificate Type Mac App Distribution When I look at its Apple Mac App Signing extension property in the keychain, it always says Apple Mac App Signing (Development) Whenever I try to use it to code sign, the signing is 'generic' which fails security checks. AI says... The certificate field Apple Mac App Signing (Development) (1.2.840.113635.100.6.1.7) indicates that the certificate is intended for development purposes. This type of certificate is used for signing macOS applications during the development and testing phases. But that is not what I am expecting to get from the certificate type Mac App Distribution. What can I do to actually get to production?