Hello Tiemo, When did you create these certificates? And what is your MacOS version, and the Xcode version returned if you type "xcode-select -p" in a Terminal? I am wondering if you need to install the new Apple Worldwide Developer Relations Intermediate Certificate:
https://developer.apple.com/support/wwdr-intermediate-certificate/ You can find it here: https://developer.apple.com/support/expiration/ Kind regards, Panos -- On Tue, 4 May 2021 at 19:02, Tiemo via use-livecode < use-livecode@lists.runrev.com> wrote: > Hi Matthias, > > still struggeling ... > > I have two developer certificates in my keychain: > Developer ID Installer : <my ID> > Developer ID Application: <my ID> > > Using the Application certificate on the app and pkg and dmg, all > codesigning is fine, even when verifying it, but I get the "The binary is > not signed" error in the notarization log, when notarizing the dmg ??? > Using the Installer certificate on the pkg, I get already the error when > codesigning the pkg "this identity cannot be used for signing code" ??? > > All errors are the same, either using the tool "Packages" or creating the > package on command line by pkgbuild > (productbuild is only for builing appStore apps, as far as I see it) > > I must be missing something obvious > > Any other ideas? > Tiemo > > > -----Ursprüngliche Nachricht----- > Von: use-livecode <use-livecode-boun...@lists.runrev.com> Im Auftrag von > matthias rebbe via use-livecode > Gesendet: Dienstag, 4. Mai 2021 13:49 > An: How to use LiveCode <use-livecode@lists.runrev.com> > Cc: matthias_livecode_150...@m-r-d.de > Betreff: Re: notarizing DMG fails > > Tiemo, > > you can create 2 different installer certificates in you Apple developer > account. > One is called 'Mac Installer Distribution' and is used for code signing > installers for the Mac App Store. > The other one is called 'Developer ID Installer' and is used to code sign > your Installer Package for distribution outside of the Mac App Store > > Which one did you use for signing the packager? > > And another question, how did you build the package? Did you use a 3rd > party tool or did you use 'productbuild' in Terminal? > If you used a 3rd party tool, then could you please try to create the > package installer using terminal command? > > productbuild --sign <Developer ID Installer signing identity> --component > <path_to_your_App> /Applications <path_of_the_packager> > > example > productbuild --sign "Developer ID Installer: Matthias Rebbe > (xxxxxxxxxxxxx)" --component "/users/matthias/LC/builts/test/test.app" > /Applications "/users/matthias/downloads/MyPackager.pkg" > > > But maybe it was just the wrong installer certificate > > Regards > Matthias > > > - > Matthias Rebbe > Life Is Too Short For Boring Code > > > Am 04.05.2021 um 12:08 schrieb Tiemo via use-livecode < > use-livecode@lists.runrev.com>: > > > > Hi Matthias, > > > > thank you for your ideas. I tried both. > > > > When using just signed, but not notarized apps, packing, signing the > > pkg, wrapping into dmg, signing the dmg, I get the same error when > > notarizing the dmg "The binary is not signed" > > > > When trying to notarize the signed pkg via terminal I get the error: > > "unable to notarize app" > > "Upload succeeded but did not receive a RequestedUUID. Unable to > > upload your app for notarization (-1018)" > > > > I also tried to use the "Installer" certificate instead of the > "Application" > > certificate, but trying this with codesigning the package, I get the > > error "this identitiy cannot be used" > > (actually I don't know for what purposes you can use the Installer > > certificate) > > > > > > Codesigning and notarizing the apps works fine ... > > > > Perhaps I'll look for another packager and go testing with another > packager. > > > > Any other ideas? > > Tiemo > > > > > > -----Ursprüngliche Nachricht----- > > Von: use-livecode <use-livecode-boun...@lists.runrev.com> Im Auftrag > > von matthias rebbe via use-livecode > > Gesendet: Dienstag, 4. Mai 2021 10:34 > > An: How to use LiveCode <use-livecode@lists.runrev.com> > > Cc: matthias_livecode_150...@m-r-d.de > > Betreff: Re: notarizing DMG fails > > > > Hi Tiemo, > > > > but you did not create a .pkg from the a notarized app, did you? > > > > You have to create and code sign a .pkg from the code signed, but not > > notarized, .app and then you have to notarize only the .pkg or the > > code signed .dmg, if you want to distribute as .dmg. > > So the steps are > > > > 1. code sign your .app - do not notarize it! > > 2. create a .pkg from the .app and code sign it 3. if you want to > > distribute as dmg, create .dmg with the .pkg and code sign the .dmg 4. > > notarize the .pkg (or the .dmg) > > > > The staple process then writes the needed information to the .dmg, to > > the containing .pkg and the .app. > > > > If these are the steps you've done already, then could you please try > > the following using the helper stack > > > > 1. code sign .app > > 2. notarize the .app using the '.zip method' > > > > Is this successful? Then the problem does not rely on your .app. > > In this case please repeat and code sign the .app using the helper > > stack and use the .dmg method > > > > Is this successful? If so, then also the .dmg is fine > > > > Repeat now manually, as .pkg is not supported by the helper stack. > > > > 1. code sign .app > > 2. create .pkg > > 3. code sign .pkg > > 4. notarize .pkg > > > > Is this successful? > > > > Regards, > > > > Matthias > > > > > > > > > > > > > > - > > Matthias Rebbe > > Life Is Too Short For Boring Code > > > >> Am 04.05.2021 um 09:47 schrieb Tiemo via use-livecode > > <use-livecode@lists.runrev.com>: > >> > >> Hello, > >> > >> > >> > >> I have signed and notarized several apps with Matthias tool - > >> successful > >> > >> Then I packaged theses apps with Packages and signed the package via > >> terminal - successful > >> > >> Then I put the pkg into a dmg via DMG canvas and signed the dmg via > >> terminal - successful > >> > >> Then I uploaded the dmg for notarization via terminal. The upload was > >> successful, but the email from apple told me, that the upload was not > >> notarized and the logfile tells me: > >> > >> > >> > >> Severity: Error > >> > >> Path: "DGSlern_Update_1.0.0.4.dmg/DGS Lernprogramm 1.0.0.4 Update .pkg" > >> > >> Message: The binary is not signed > >> > >> > >> > >> This is a bit irritating. Has anybody anytime encountered such > >> conflicting messages? > >> > >> Any idea, where to look for? > >> > >> Thanks > >> > >> Tiemo > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> _______________________________________________ > >> use-livecode mailing list > >> use-livecode@lists.runrev.com > >> Please visit this url to subscribe, unsubscribe and manage your > > subscription preferences: > >> http://lists.runrev.com/mailman/listinfo/use-livecode > > > > > > _______________________________________________ > > use-livecode mailing list > > use-livecode@lists.runrev.com > > Please visit this url to subscribe, unsubscribe and manage your > > subscription > > preferences: > > http://lists.runrev.com/mailman/listinfo/use-livecode > > > > > > _______________________________________________ > > use-livecode mailing list > > use-livecode@lists.runrev.com > > Please visit this url to subscribe, unsubscribe and manage your > subscription preferences: > > http://lists.runrev.com/mailman/listinfo/use-livecode > > > _______________________________________________ > use-livecode mailing list > use-livecode@lists.runrev.com > Please visit this url to subscribe, unsubscribe and manage your > subscription preferences: > http://lists.runrev.com/mailman/listinfo/use-livecode > > > _______________________________________________ > use-livecode mailing list > use-livecode@lists.runrev.com > Please visit this url to subscribe, unsubscribe and manage your > subscription preferences: > http://lists.runrev.com/mailman/listinfo/use-livecode > _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
