Signing macOS application

Peter Bogdanoff bogdanoff at
Wed Jan 2 03:24:24 CET 2019


Thanks for your response and for the work you are doing with Levure. I’m very attracted to its functionality for me--structuring and especially providing for updating my application--but haven’t had time to work with it more yet.

I tried the script you suggested, and when I processed the application package (desktop-only app created in LC 8.1.9) I got the error:
	codesign process failed: /Users/*path to the app*/ code object is not signed at all [that would be the executable]
	In subcomponent: /Users/*path to the app*/

I followed Knapp’s suggestion and tried using AppWrapper 3, which gave specific critical errors (among other several apparently non-critical errors):
	Missing “/usr/local/lib/revsecurity.dylib
	Bundle identifier “com.artsinteractive” contains a blank segment

When I look at the rev security.dylib file in Terminal I see:
-bash: /Users/*path to the app*/ cannot execute binary file


I then saw a reference somewhere to LC 8.1.10, and so I made a new runtime in that 8.1.10 version.

Levure script — NO errors
App Wrapper 3 — only significant error apparently: "website deployment—both missing private key"
(In Terminal, for revsecurity.dylib, the above “cannot execute binary file” is also shown)

I’m providing the DMG as a download. Is this MISSING KEY an issue? And is there a way to reset my Gatekeeper to test installing the program on my computer?

Peter Bogdanoff

> On Dec 29, 2018, at 7:01 PM, Trevor DeVore via use-livecode <use-livecode at> wrote:
> On Sat, Dec 29, 2018 at 2:20 PM Peter Bogdanoff via use-livecode <
> use-livecode at> wrote:
>> I have these IDs:
>>        Developer ID Installer
>>        Developer ID Application
>> DropDMG shows in its preferences the 'Developer ID Application’ that is
>> used to sign the installer. That should be used and not 'Developer ID
>> Installer’?
>> Anyone have any guidance on this?
> You do need to sign your app using your “Developer ID Installer” profile.
> There is a script only stack I posted a while ago on that
> will sign an app. Here is the url:
> Just save the gist to a file with a .livecodescript extension and open it
> in the IDE.
> As for DropDMG it has the correct certificate selected. DMGs are not really
> installers but the DMG does need to be signed to appease GateKeeper.
> As Was already mentioned, the Levure packager will take care of signing
> your apps for you. It will sign apps you distribute yourself, sign and
> prepare an app for upload to the Mac App Store, and sign Mac App Store
> development versions for testing. It is quite handy.
> Of course if you are already trying to sign your app for distribution then
> you aren’t at a point where you want to modify your app to use a new
> framework. But something to consider for the future.
> And this all doesn’t have anything to do with Notarization? That’s another
>> step for the future?
> No it does not.
> --
> Trevor DeVore
> ScreenSteps
> _______________________________________________
> use-livecode mailing list
> use-livecode at
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:

More information about the use-livecode mailing list