Hi!
I can't notarize my app because I got this:
{
"logFormatVersion": 1,
"jobId": "82527696-eb4a-4a54-9abf-facd715ced40",
"status": "Invalid",
"statusSummary": "Archive contains critical validation errors",
"statusCode": 4000,
"archiveFilename": "player.app.zip",
"uploadDate": "2020-02-07T11:11:44Z",
"sha256": "c5f9aeaa542a13e308cfbe11366b2827bc112ce7052ad6149489a537c395aaed",
"ticketContents": null,
"issues": [
{
"severity": "error",
"code": null,
"path": "player.app.zip/Contents/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/WebKit.dylib",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "player.app.zip/Contents/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/WebKit.dylib",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "player.app.zip/Contents/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/A2712Enabler",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "player.app.zip/Contents/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/A2712Enabler",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "player.app.zip/Contents/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/A2712Enabler",
"message": "The executable does not have the hardened runtime enabled.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "player.app.zip/Contents/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/Flash Player.plugin/Contents/MacOS/FlashPlayer-10.6",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "player.app.zip/Contents/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/Flash Player.plugin/Contents/MacOS/FlashPlayer-10.6",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
}
]
}
here is my entitlements.plist file:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
</dict>
</plist>
used this tutorial:
https://www.molleindustria.org/blog/notarizing-your-flashair-applications-for-macos/
I'm really appriciate if somebody can help me, because I'm lost.
I think use the right Developer ID Application:
signing.command:
#!/bin/bash
pushd `dirname $0`
PS3='Please enter which application want to sign: '
options=("editor" "editor-demo" "player" "manager")
select opt in "${options[@]}"
do
case $opt in
"editor")
echo "$opt"
break
;;
"editor-demo")
echo "$opt"
break
;;
"player")
echo "$opt"
break
;;
"manager")
echo "$opt"
break
;;
*) echo "invalid option $REPLY";;
esac
done
xattr -cr '../bin/'$opt'.app'
echo "signing $opt"
codesign --force --options runtime --deep --sign 'Developer ID Application: Varadi Gabor (XXXXXXXXXX)' --entitlements 'entitlements.plist' '../bin/'$opt'.app'
echo "verifying $opt"
codesign --verify --verbose=4 ../bin/$opt'.app'
popd
notarizing.command:
#!/bin/bash
pushd $(dirname $0)
PS3='Please enter which application want to notarize: '
options=("editor" "editor-demo" "player" "manager")
select opt in "${options[@]}"; do
case $opt in
"editor")
echo "$opt"
package="hu.devinflow.dynamic.dungeons.editor"
break
;;
"editor-demo")
echo "$opt"
package="hu.devinflow.dynamic.dungeons.editor.demo"
break
;;
"player")
echo "$opt"
package="hu.devinflow.dynamic.dungeons.player"
break
;;
"manager")
package="hu.devinflow.dynamic.dungeons.manager"
echo "$opt"
break
;;
*) echo "invalid option $REPLY" ;;
esac
done
echo "compress $package"
ditto -ck --rsrc --sequesterRsrc "../bin/$opt.app" "../bin/$opt.app.zip"
echo "notarizing $package"
xcrun altool -t osx -f '../bin/'$opt'.app.zip' --primary-bundle-id $package --notarize-app --username varadi83gabor@gmail.com -itc_provider "VaradiGaborXXXXXXXXXX"
popd
verify_notarization.command:
#!/bin/bash
read -p "Enter id for more information: " id
xcrun altool --notarization-info $id -u varadi83gabor@gmail.com