I am developing an app using .NET Framework 4.5.2 under Visual Studio for Mac.
Apple has added security features to their latest Mac versions, so I'd like to notarize the application so that Gatekeeper can read the generated ticket and other Mac users who download the application don't get a security warning when launching the application.
After Visual Studio builds the application thanks to Xamarin.Mac, I manually run a few commands in order to sign the .app. Then, I create an installer, producing a .dmg file containing the .app file. Then, I send the .dmg file to the notarization service, which produces a report containing the two following lines.
"status": "Invalid",
"statusSummary": "Archive contains critical validation errors",
The commands for signing the .app are the following.
codesign -vvv --strict --force --timestamp --options runtime MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/Resources/UpdateApp.app/Contents/MacOS/UpdateApp
codesign -vvv --strict --force --timestamp MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/MyFramework
codesign -vvv --strict --force --timestamp MyApp.app/Contents/Library/loginItems/LoginApp.app
codesign -vvv --strict --force --timestamp --options runtime MyApp.app/Contents/PlugIns/FinderExt.appex
codesign -vvv --strict --force --timestamp MyApp.app
Double-clicking on the .app file launches the application, which is what I want. But the notarization report says
The executable does not have the hardened runtime enabled.
for the two following applications
MyApp.dmg/MyApp.app/Contents/Library/loginItems/LoginApp.app/Contents/MacOS/LoginApp
MyApp.dmg/MyApp.app/Contents/MacOS/MyApp
To try and correct this issue, I have added the --options parameter for the LoginApp.
codesign -vvv --strict --force --timestamp --options runtime MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/Resources/UpdateApp.app/Contents/MacOS/UpdateApp
codesign -vvv --strict --force --timestamp MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/MyFramework
codesign -vvv --strict --force --timestamp --options runtime MyApp.app/Contents/Library/loginItems/LoginApp.app
codesign -vvv --strict --force --timestamp --options runtime MyApp.app/Contents/PlugIns/FinderExt.appex
codesign -vvv --strict --force --timestamp MyApp.app
Double-clicking on the .app file still launches the application, which is what I want. And the notarization report still says
The executable does not have the hardened runtime enabled.
but only for the second application, the one for which the codesign command was not modified.
MyApp.dmg/MyApp.app/Contents/MacOS/MyApp
Therefore, it seemed obvious to me that all I had to do to successfully notarize the application was to modify the second codesign command in the same way.
codesign -vvv --strict --force --timestamp --options runtime MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/Resources/UpdateApp.app/Contents/MacOS/UpdateApp
codesign -vvv --strict --force --timestamp MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/MyFramework
codesign -vvv --strict --force --timestamp --options runtime MyApp.app/Contents/Library/loginItems/LoginApp.app
codesign -vvv --strict --force --timestamp --options runtime MyApp.app/Contents/PlugIns/FinderExt.appex
codesign -vvv --strict --force --timestamp --options runtime MyApp.app
And I was right because the notarization report doesn't show errors anymore and a ticket is generated for Gatekeeper. But when I double-click on the .app in order to run the application, this time, it doesn't launch. In Mac's Console app, I can see a crash report is generated with the following lines.
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
I don't understand how I can get a SIGSEGV crash, since the application is exactly the same and only the codesign command was adapted in order for the application to be notarized.
What I have is that I can either launch the application or have it notarized, and what I want is to have both, a notarized application that can also be launched without crashing, as it does before the codesign commands.
I have read the two following pages of Apple documentation that I could find about that subject, and I think I have followed all the given advice with no luck in resolving my issue.
https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution
https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues
I've been trying to figure it out for a while and I tried several combinations of codesign commands and parameters. What am I missing? Thanks in advance for any pointer.
N.B.: all the codesign commands also include a --sign "Developer ID Application: MyCompany ([...])" parameter.
Open your entitlements.plist file in a text editor and add
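As an added example that is not part of the question or the answer above, the script below shows the shape of the entitlements step: it writes an entitlements plist with the hardened-runtime exception keys Apple documents for runtimes that JIT-compile code, signs a target with `--options runtime --entitlements`, and then checks what `codesign` actually reports, so you can confirm the runtime flag is present instead of waiting for the notarization report. Which keys this particular Xamarin.Mac app needs is an assumption here (each key disables one hardened-runtime protection, so keep only those the app cannot run without); `MyApp.app`, the identity string and the sample `codesign -dvvv` output are constructed placeholders. Only `sign_hardened` needs a Mac; the parsing helpers run anywhere.

```shell
#!/bin/sh
# Added example (not the asker's commands): hardened-runtime signing with an
# entitlements file, plus checks on the signature codesign reports.
# Assumptions: the JIT exception keys below are what this app needs; paths,
# the signing identity and the sample codesign output are placeholders.
set -eu

# Write a minimal entitlements plist. Each key switches off one hardened
# runtime protection, so grant only those the app demonstrably needs.
write_entitlements() {
  cat > "$1" <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <!-- A JIT-based runtime writes code into memory and then executes it -->
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
    <true/>
</dict>
</plist>
EOF
}

# Sign one bundle or binary with the hardened runtime and the entitlements
# (inner items first, the outer MyApp.app last, as in the question).
# Requires macOS with codesign installed.
sign_hardened() {
  identity="$1"; entitlements="$2"; target="$3"
  codesign -vvv --strict --force --timestamp --options runtime \
    --entitlements "$entitlements" --sign "$identity" "$target"
}

# Read `codesign -dvvv <target>` output on stdin; succeed when the
# CodeDirectory line carries the runtime flag, e.g. flags=0x10000(runtime).
has_runtime_flag() {
  grep -Eq '^CodeDirectory .*flags=0x[0-9a-fA-F]+\([^)]*runtime[^)]*\)'
}

# Read entitlements XML on stdin (`codesign -d --entitlements :- <target>`);
# succeed when <key>$1</key> is immediately followed by <true/>.
has_entitlement() {
  tr -d '\n' | grep -q "<key>$1</key>[[:space:]]*<true/>"
}

# Constructed sample of codesign -dvvv output for a hardened binary.
SAMPLE_HARDENED='Executable=/tmp/MyApp.app/Contents/MacOS/MyApp
Identifier=com.example.myapp
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20500 size=1234 flags=0x10000(runtime) hashes=30+7 location=embedded'

# Constructed sample for the same binary signed without --options runtime.
SAMPLE_PLAIN='Executable=/tmp/MyApp.app/Contents/MacOS/MyApp
Identifier=com.example.myapp
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20400 size=1234 flags=0x0(none) hashes=30+7 location=embedded'
```

On a Mac, the usual sequence is `write_entitlements MyApp.entitlements`, `sign_hardened "Developer ID Application: MyCompany (TEAMID)" MyApp.entitlements MyApp.app`, then `codesign -dvvv MyApp.app 2>&1 | has_runtime_flag` and `codesign -d --entitlements :- MyApp.app 2>/dev/null | has_entitlement com.apple.security.cs.allow-jit` before building the .dmg, so a missing flag or entitlement is caught locally rather than by the notarization service.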