> On Oct 6, 2023, at 6:31 PM, Alexander Matveev <almat...@openjdk.org> wrote:
>
> CSR [JDK-8316631](https://bugs.openjdk.org/browse/JDK-8316631).
> We will not do any validations of certificates in this case like we do with
> --mac-signing-key-user-name or we will not check if produced application
> image or installer got signed correctly.
Again, a suggestion might be to do a codesign verify. For example…
codesign -v --verbose=4 outputdir/HalfPipe.app
man codesign
-v, --verify
Requests verification of code signatures. If other actions (sign,
display, etc.) are also requested, -v is interpreted to mean --verbose.
Doing this might allow to fail if errors are indicated or at least provide
information maybe on verbose runs if there seem to be problems.
