Hello, I have a problem signing the application.
I'm trying to sign 3rd Party Mac Developer Installer, but it says Invalid:
➜ Desktop productbuild --component TechView.app /Applications --sign "3rd Party Mac Developer Installer: KARLOS KORTES ()" --product TechView.app/Contents/Info.plist TechView.pkg
productbuild: Adding component at /Users/wildwolf/Desktop/TechView.app
productbuild: Signing product with identity "3rd Party Mac Developer Installer: KARLOS KORTES ()" from keychain /Users/wildwolf/Library/Keychains/login.keychain-db
productbuild: Adding certificate "Apple Worldwide Developer Relations Certification Authority"
productbuild: Adding certificate "Apple Root CA"
productbuild: Wrote product to TechView.pkg
productbuild: Supported OS versions: [Min: 10.13, Before: None]
➜ Desktop xcrun notarytool submit TechView.pkg --key /Users/wildwolf/Desktop/AuthKey_26Z7J3RBZQ.p8 --key-id 26Z7J3RBZQ --issuer 2af626b1-ffca-4ec1-b9d0-cb1bbdc94742 --wait
Conducting pre-submission checks for TechView.pkg and initiating connection to the Apple notary service...
Submission ID received
id: 3cbfd59c-69a9-42e9-8fd9-074aee705ab9
^Rload progress: 60.47 % (33.4 MB of 55.2 MB)
^Rload progress: 61.49 % (33.9 MB of 55.2 MB)
Upload progress: 100.00 % (55.2 MB of 55.2 MB)
Successfully uploaded file
id: 3cbfd59c-69a9-42e9-8fd9-074aee705ab9
path: /Users/wildwolf/Desktop/TechView.pkg
Waiting for processing to complete.
Current status: Invalid......................
Processing complete
id: 3cbfd59c-69a9-42e9-8fd9-074aee705ab9
status: Invalid
When I sign the Developer ID Installer, everything goes well:
➜ Desktop productbuild --component TechView.app /Applications --sign "Developer ID Installer: KARLOS KORTES ()" --product TechView.app/Contents/Info.plist TechView.pkg
productbuild: Adding component at /Users/wildwolf/Desktop/TechView.app
productbuild: Using timestamp authority for signature
productbuild: Signing product with identity "Developer ID Installer: KARLOS KORTES ()" from keychain /Users/wildwolf/Library/Keychains/login.keychain-db
productbuild: Adding certificate "Developer ID Certification Authority"
productbuild: Adding certificate "Apple Root CA"
productbuild: Wrote product to TechView.pkg
productbuild: Supported OS versions: [Min: 10.13, Before: None]
➜ Desktop xcrun notarytool submit TechView.pkg --key /Users/wildwolf/Desktop/AuthKey_26Z7J3RBZQ.p8 --key-id 26Z7J3RBZQ --issuer 2af626b1-ffca-4ec1-b9d0-cb1bbdc94742 --wait
Conducting pre-submission checks for TechView.pkg and initiating connection to the Apple notary service...
Submission ID received
id: ad1ecc74-5445-43e1-9d45-30b14f0e7132
Upload progress: 100.00 % (55.2 MB of 55.2 MB)
Successfully uploaded file
id: ad1ecc74-5445-43e1-9d45-30b14f0e7132
path: /Users/wildwolf/Desktop/TechView.pkg
Waiting for processing to complete.
Current status: Accepted........................
Processing complete
id: ad1ecc74-5445-43e1-9d45-30b14f0e7132
status: Accepted
Certificates in the system: ➜ Desktop security find-identity -p codesigning -v
- E6E85E18DB601386F0B6DCDBA728D31BAD2A19F2 "Apple Development: KARLOS KORTES (**************)"
- 3CC85A4F196339D3B23DF6A5D2519F427D89BA75 "Apple Distribution: KARLOS KORTES (**************)"
- 351BA454290A9ACAC14DC3D7B3491BAF81CD4CA1 "Developer ID Application: KARLOS KORTES (**************)" 3 valid identities found
➜ Desktop security find-identity -p codesigning -v
- E6E85E18DB601386F0B6DCDBA728D31BAD2A19F2 "Apple Development: KARLOS KORTES (**************)"
- 3CC85A4F196339D3B23DF6A5D2519F427D89BA75 "Apple Distribution: KARLOS KORTES (**************)"
- 351BA454290A9ACAC14DC3D7B3491BAF81CD4CA1 "Developer ID Application: KARLOS KORTES (**************)" 3 valid identities found
➜ Desktop security find-identity -p basic -v
- B7D14C5A225C2D08A78F10801DF5FBD600F41977 "3rd Party Mac Developer Installer: KARLOS KORTES (**************)" (CSSMERR_TP_CERT_REVOKED)
- 1F4AB0AE48760BA22F17AFB1E488D7A5F3AA1C72 "3rd Party Mac Developer Installer: KARLOS KORTES (**************)"
- E6E85E18DB601386F0B6DCDBA728D31BAD2A19F2 "Apple Development: KARLOS KORTES (**************)"
- 3CC85A4F196339D3B23DF6A5D2519F427D89BA75 "Apple Distribution: KARLOS KORTES (**************)"
- 036AB7D7CD8862B5C6EA2B759ADB69E88C3B9F30 "Developer ID Installer: KARLOS KORTES (**************)"
- 351BA454290A9ACAC14DC3D7B3491BAF81CD4CA1 "Developer ID Application: KARLOS KORTES (**************)" 6 valid identities found
What have I tried already, reinstalled, deleted, added new certificates, but the signature with 3rd Party Mac Developer Installer does not work, what am I doing wrong?
It’s really hard for me to read your post. Please use code blocks for chunks of preformatted text. For this and other titbits, see Quinn’s Top Ten DevForums Tips.
AFAICT your issue is that you’re signing your installer with an App Store signing identity (3rd Party Mac Developer Installer: TTT) and then notarising the result. That doesn’t make sense. There are two distribution channels:
-
To ship on the App Store, sign with an App Store signing identity and then upload using
altool. -
To ship directly, sign with an Developer ID signing identity and then notarise with
notarytool.
For detailed advice on how to sign and package Mac code, see:
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"