Hello, I need to notarize my java application in order to upload it to brew. The files that need to notarize are: "uber.jar" file shell script file without any file type. To my understanding those files are not notarizable files, what can i do in order to solve it?

Greetings, everyone! In case it proves helpful, I've crafted a Bash script to streamline the notarization process. Here's a breakdown of its features: Prompts you to select the app for notarization Offers optional codesigning before notarization Generates a ZIP file for notarization Requests your credentials (Apple ID, Team ID, and app-specific password) Submits the ZIP file for notarization Cleans up by deleting the ZIP file used for notarization Staples the app after notarization Creates a new ZIP file for distribution You can check it out on GitHub: Notarization Assistant

I have create an installer with self app and some app in public domain (such as GIMP). The installer and self app are all signed without error. But after notarisation, it reported that the app in public domain has error. (The signature of the binary is invalid.) But my self app has no error. I had checked the app in public domain is signed also. What is the possible problem and how can I fix it?

questions about Apple's notarization standards I've found that notarization seems to be based on the team ID, with a shared history. Is my understanding correct? If an app named ABC is initially notarized under team A, and then later updates are notarized under team B, will there be any issues? In my tests, notarizing the same app under teams A and B didn't cause any problems, but I'm curious about potential issues if there's a change in team IDs in the future. Is it possible to delete the notarization history or transfer it to a different team ID?

What is the proper process for notarizing an installer package? I have tried every permutation I can find and it always returns "The signature of the binary is invalid". It's a Qt6 app if that is relevant. I've bundled and signed the app using: macdeployqt myapp.app \ -always-overwrite -verbose=1 \ -hardened-runtime \ -sign-for-notarization=\"$${sign_name}\" \ It verifies OK codesign -v --verify --deep myapp.app myapp.app: valid on disk myapp.app: satisfies its Designated Requirement I have successfully notarized and stapled it: ... The staple and validate action worked! This is where I'm not sure of the proper process. I've used pkgbuild to put the app into .pkg file and successfully signed that using an Installer ID. pkgutil --check-signature myapp-signed.pkg Package "myapp-signed.pkg": Status: signed by a developer certificate issued by Apple for distribution ... On attempting to notarise this packge I get The signature of the binary is invalid for every shared library and the executable in the package. That error message is not very useful so how do I diagnose the issue? So far I've tried a few things I've found on the forum but the error is always the same unhelpful one.

I know I have to be doing something wrong. I've been trying notarize my app for a few days. I've bundled my app and am able to sign with hardened runtime. When I submit for notary with this command /Applications/Xcode.app/Contents/Developer/usr/bin/notarytool submit /path/to/your/file.zip --wait --key "/path/to/your/AuthKey_ABCD1234.p8" --key-id "ABCD1234" --issuer "uuid-issuer-id" it just eventually times out with no feedback or error report.

We have developed a secure desktop app using QT, we are developing and delivering this app for more than 2 years. While deploying app we perform codesigning and notarization of app and we use Ventura on build system. So the issue we observed is that if we install this app on any macOS version below Sonoma it works as expected and in Apparency we can see code signature is verified and also app in notarized. But if we install the same app on Sonoma and check in Apparency, it shows signature can't be verified.

For reasons beyond the scope of this post, I need to build one of my products on macOS 10.14 I was using xcrun altool --notarize-app but it stopped working today (per the recent announcement that it was going away, so not a surprise) I am told that it is possible to run the notarytool on 10.14, i.e. xcrun notarytool, which is what I use for builds on newer platforms. I'm hoping that someone can help me to get a version of notarytool that will run on 10.14 Thanks in advance

Throws an eroor [2023-12-07 07:55:36 UZT] DBG-X: parameter MetadataChecksum = 62c853b5b00cf96f96576b4d48ce6d0a [2023-12-07 07:55:36 UZT] DBG-X: parameter MetadataCompressed = (suppressed) [2023-12-07 07:55:36 UZT] DBG-X: parameter MetadataInfo = {app_platform=osx, primary_bundle_identifier=ocean.drive.app, device_id=, bundle_identifier=, packageVersion=software5.9, apple_id=, asset_types=[developer-id-package], bundle_version=, bundle_short_version_string=} [2023-12-07 07:55:36 UZT] DBG-X: parameter OSIdentifier = Mac OS X 12.2.1 (x86_64); jvm=14.0.2+12-iTunesOpenJDK-8; jre=14.0.2+12-iTunesOpenJDK-8 [2023-12-07 07:55:36 UZT] DBG-X: parameter PackageName = 0b641208d73f17697b28370fa99ad8a7.itmsp [2023-12-07 07:55:36 UZT] DBG-X: parameter PackageSize = 228662271 [2023-12-07 07:55:36 UZT] DBG-X: parameter StatisticsClientStartDateTimeZoneISO = 2023-12-07T07:55:36+05:00 [2023-12-07 07:55:36 UZT] DBG-X: parameter TransporterArguments = -m upload -u @@@@ -vp json -DTxHeaders=eyJqZW5nYSI6dHJ1ZX0= -sessionid @env:8A006125-AC15-400B-9FC2-C4D609DB7FA1 -sharedsecret hidden value -itc_provider PROVIDER -f /var/folders/g9/kz8cw8b57rg14vlnwhc77j840000gn/T/F75419E9-DDDB-4F74-BC71-B970FD924FB4/0b641208d73f17697b28370fa99ad8a7.itmsp -indicator true -v eXtreme -Dtransporter.client=altool -Dtransporter.client.version=5.329 (1309) [2023-12-07 07:55:36 UZT] DBG-X: parameter Version = 3.3.0 [2023-12-07 07:55:36 UZT] DBG-X: parameter iTMSTransporterMode = upload [2023-12-07 07:55:36 UZT] INFO: id = 20231207075536-140 [2023-12-07 07:55:36 UZT] INFO: iTMSTransporter Correlation Key: f33460ff-fc03-4158-bed2-b2e99ffd521c-0001 [2023-12-07 07:55:36 UZT] DEBUG: SMART-CLIENT: Host HTTP header: contentdelivery01.itunes.apple.com [2023-12-07 07:55:36 UZT] DBG-X: Apple's web service operation return value: [2023-12-07 07:55:36 UZT] DBG-X: parameter Errors = [Unable to process validateMetadata request at this time due to a general error (1019)] [2023-12-07 07:55:36 UZT] DBG-X: parameter RestartClient = false [2023-12-07 07:55:36 UZT] DBG-X: parameter ErrorCode = 1019 [2023-12-07 07:55:36 UZT] DBG-X: parameter ErrorMessage = Unable to process validateMetadata request at this time due to a general error (1019) [2023-12-07 07:55:36 UZT] DBG-X: parameter ShouldUseRESTAPIs = false [2023-12-07 07:55:36 UZT] DBG-X: parameter Success = false [2023-12-07 07:55:36 UZT] ERROR: Unable to process validateMetadata request at this time due to a general error (1019) [2023-12-07 07:55:36 UZT] DBG-X: The error code is: 1019 [2023-12-07 07:55:36 UZT] INFO: JSON:{"msg":{"phase":"Upload","count":2,"description":"Operation failed","index":2},"messageType":"VerifyProgress"} [2023-12-07 07:55:36 UZT] DBG-X: Returning 1 2023-12-07 07:55:36.750 Out: Package Summary: 1 package(s) were not uploaded because they had problems: /var/folders/g9/kz8cw8b57rg14vlnwhc77j840000gn/T/F75419E9-DDDB-4F74-BC71-B970FD924FB4/0b641208d73f17697b28370fa99ad8a7.itmsp - Error Messages: Unable to process validateMetadata request at this time due to a general error (1019) 2023-12-07 07:55:36.797 *** Error: Notarization failed for '/var/folders/g9/kz8cw8b57rg14vlnwhc77j840000gn/T/electron-notarize-LC5Kmm/OceanDrive.zip'. 2023-12-07 07:55:36.797 *** Error: Unable to process validateMetadata request at this time due to a general error (1019) (1019) 2023-12-07 07:55:36.797 *** Warning: altool has been deprecated for notarization and starting in late 2023 will no longer be supported by the Apple notary service. You should start using notarytool to notarize your software. (-1030)

Hi Guys, I am facing a problem I find difficult to debug. I had a company Apple ID, member of team, that I used for notaryzation of an app via: res=$(xcrun notarytool submit ${file_to_notarize} --apple-id stepan.svoboda@memsource.com --password ${password} --team-id PK8H4S4HPF --wait 2>&1) But I will be leaving the company soon so we created new apple ID. desktop@phrase.com We invited this ID to team. And assigned it admin role. I generated app specific password and I am using it with this new apple ID But then running: res=$(xcrun notarytool submit ${file_to_notarize} --apple-id desktop@phrase.com --password ${password} --team-id PK8H4S4HPF --wait 2>&1) Fails with: Error: HTTP status code: 401. Unable to authenticate. Invalid session. Ensure that all authentication arguments are correct. And I run out of ideas what to check, what could be wrong.

Hi, I want to use notarytool to let my installer *pkg being notarized by apple. The app is a swift desktop app, not supposed to be distributed through the app store. It is already signed and notarized through xcode. Verification done and it has been aproved. So the process should be working. I'm facing an issue when using notarytool to store cretentials. I followed the steps for described here https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow My app specific password I created here: https://appleid.apple.com/account/manage When I try to strore credentials I get a 401, what did I miss here? xcrun notarytool store-credentials --verbose [07:21:52.672Z] Debug [MAIN] Running notarytool version: 1.0.0 (32), date: 2023-12-01T07:21:52Z, command: /Applications/Xcode.app/Contents/Developer/usr/bin/notarytool store-credentials --verbose This process stores your credentials securely in the Keychain. You reference these credentials later using a profile name. Profile name: notarytool-pw We recommend using App Store Connect API keys for authentication. If you'd like to authenticate with an Apple ID and app-specific password instead, leave this unspecified. Path to App Store Connect API private key: Switching prompts to app-specific password credentials. Developer Apple ID: <my developer Apple ID> App-specific password for <my developer Apple ID>: <the app specific password I created earlier> Developer Team ID: <my developer team ID> Validating your credentials... [07:31:40.888Z] Info [API] Initialized Notary API with base URL: https://appstoreconnect.apple.com/notary/v2/ [07:31:40.890Z] Info [API] Preparing GET request to URL: https://appstoreconnect.apple.com/notary/v2/test?, Parameters: [:], Custom Headers: private<Dictionary<String, String>> [07:31:40.890Z] Debug [AUTHENTICATION] Delaying current request to refresh app-specific password token. [07:31:40.891Z] Info [API] Preparing GET request to URL: https://appstoreconnect.apple.com/notary/v2/asp?, Parameters: [:], Custom Headers: private<Dictionary<String, String>> [07:31:40.891Z] Debug [AUTHENTICATION] Authenticating request to '/notary/v2/asp' with Basic Auth. Username: <my developer Apple ID>, Password: private<String>, Team ID: <my developer team ID> [07:31:40.892Z] Debug [TASKMANAGER] Starting Task Manager loop to wait for asynchronous HTTP calls. [07:31:41.921Z] Debug [API] Received response status code: 401, message: unauthorized, URL: https://appstoreconnect.apple.com/notary/v2/asp?, Correlation Key: 6WYAHNFB6NYEVPPJOT5KJMNPAE [07:31:41.922Z] Error [TASKMANAGER] Completed Task with ID 2 has encountered an error. [07:31:41.922Z] Debug [TASKMANAGER] Ending Task Manager loop. Error: HTTP status code: 401. Unable to authenticate. Invalid session. Ensure that all authentication arguments are correct.

I am trying to package a Mac Electron app using Electron Forge capabilities. Code signing works fine, but there is a problem with notarising. I get "Finalizing package Failed to staple your application with code: 65". The notarize component of my forge.config.js is: "osxNotarize: { tool: 'notarytool', appBundleId: 'com.ImmersiveDSP.ImmerGo-StudioLive', appleId: process.env.APPLE_ID, appleIdPassword: process.env.APPLE_PASSWORD, teamId: process.env.APPLE_TEAM_ID, }" I provide my Apple ID and the app password in a terminal message together with npm run make. This worked in May this year, but now not. In a JSON response, I do get " reason = "Record not found". Anyone else had this issue and resolved it? Is there a way that I can view my notarize requests and see what the issue is?

Notarizing was working fine on my account, but suddenly stopped working with this error message. I've contacted Apple Developer Program support and they told me it's an internal issue on their side, that their engineers are working on it and that they'll answer me when the engineers have an answer. The thing is, this thing has been going for 3 months. Every time I email the support I get a bot message saying "our engineers are looking into it". And my account still is unable to notarize my app. What's going on? I've message several other Apple Developers and none of them had to deal with this. Why is this happening to my account? This is blocking the launch of my project(https://focuslit.app), which I worked months and have costumers asking about the new features, but I can't release a new version without notarizing. What can I do? I'm seriously thinking about refunding everyone and dropping the project, I never felt this mistreated by a company(which I have all products and used to love) before.

I used ChatGPT to help me build a screensaver of 40 images to be shown randomly in Xcode. It works great but I get the error below when trying to deploy it on other Macs. I signed up for a developer account and a Gethub account and thought Xcode was walking me through how to notarize the software but am now stuck. I'm not a true programmer. Can someone assist me in getting this notarized as this is the last thing holding me up from launching my business - granulartraining.com Error - “CyberSecurity Reminders.saver” can’t be opened because Apple cannot check it for malicious software. Thanks. Tom

I have changed our notarization script to use notarytool. See here: https://github.com/mixxxdj/mixxx/blob/32d918a8e64fffea7039356de0fa94799e3fcc7e/packaging/macos/sign_notarize_staple.sh#L30 The workflow run timed out after 5 minutes here: https://github.com/mixxxdj/mixxx/actions/runs/6834172969/job/18586695826 The notarization request is still in progress: https://appstoreconnect.apple.com/notary/v2/submissions/ef8cf93e-c084-43eb-be1d-7ec2f20f9377 I have tried again, with another request that sucks in a the "status": "In Progress" I am using Xcode 13.2.1 and macOS 10.12 as deployment target on macOS 11.7.10 What could have gone wrong?

I've been waiting over an hour at this point—is something down or is the pipeline just really, really backed up?

I have been using XCODE to distribute macOS apps to a few "testers" by Archiving and then using the button Distribute App -> Developper ID -> using automatic signing and uploading to notary service. I am aware that Altool is deprecated and stopped working - and of TN3147 - which explains how to migrate using command line/scripts. However, since I upgraded to XCODE 14.3, I would have thought that the Distribute App button for the archived project no longer uses altool AmI correct? where in XCODE can I check if the Distribute App button uses Notary Tool? or is the only way to transition is to implement the scripts discussed in TN3147 and never use the Distribute App button? after today using Distribute App button - I have been suck in "In-Progress" for more than 1 hour - when I just made a rather small update to the code of this previously notarized app - which usually gets notarize very quickly. I will get into svripts etc. per TN3147 if I have too - but I was just wondering why XCODE 14.3 Distribute App would not be already "wired" to use the notarytoll (as it used to be for altool in previous version? Thanks