Signing macOS application
bogdanoff at me.com
Wed Jan 2 03:24:24 CET 2019
Thanks for your response and for the work you are doing with Levure. I’m very attracted to its functionality for me--structuring and especially providing for updating my application--but haven’t had time to work with it more yet.
I tried the script you suggested, and when I processed the application package (desktop-only app created in LC 8.1.9) I got the error:
codesign process failed: /Users/*path to the app*/MITA.app/Contents/MacOS/MITA: code object is not signed at all [that would be the executable]
In subcomponent: /Users/*path to the app*/MITA.app/Contents/MacOS/MUSITA
I followed Knapp’s suggestion and tried using AppWrapper 3, which gave specific critical errors (among other several apparently non-critical errors):
Bundle identifier “com.artsinteractive” contains a blank segment
When I look at the rev security.dylib file in Terminal I see:
-bash: /Users/*path to the app*/MITA.app/Contents/MacOS/revsecurity.dylib: cannot execute binary file
I then saw a reference somewhere to LC 8.1.10, and so I made a new runtime in that 8.1.10 version.
Levure script — NO errors
App Wrapper 3 — only significant error apparently: "website deployment—both missing private key"
(In Terminal, for revsecurity.dylib, the above “cannot execute binary file” is also shown)
I’m providing the DMG as a download. Is this MISSING KEY an issue? And is there a way to reset my Gatekeeper to test installing the program on my computer?
> On Dec 29, 2018, at 7:01 PM, Trevor DeVore via use-livecode <use-livecode at lists.runrev.com> wrote:
> On Sat, Dec 29, 2018 at 2:20 PM Peter Bogdanoff via use-livecode <
> use-livecode at lists.runrev.com> wrote:
>> I have these IDs:
>> Developer ID Installer
>> Developer ID Application
>> DropDMG shows in its preferences the 'Developer ID Application’ that is
>> used to sign the installer. That should be used and not 'Developer ID
>> Anyone have any guidance on this?
> You do need to sign your app using your “Developer ID Installer” profile.
> There is a script only stack I posted a while ago on gist.github.com that
> will sign an app. Here is the url:
> Just save the gist to a file with a .livecodescript extension and open it
> in the IDE.
> As for DropDMG it has the correct certificate selected. DMGs are not really
> installers but the DMG does need to be signed to appease GateKeeper.
> As Was already mentioned, the Levure packager will take care of signing
> your apps for you. It will sign apps you distribute yourself, sign and
> prepare an app for upload to the Mac App Store, and sign Mac App Store
> development versions for testing. It is quite handy.
> Of course if you are already trying to sign your app for distribution then
> you aren’t at a point where you want to modify your app to use a new
> framework. But something to consider for the future.
> And this all doesn’t have anything to do with Notarization? That’s another
>> step for the future?
> No it does not.
> Trevor DeVore
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
More information about the use-livecode