Hi everyone,
I am currently facing troubles to notarize the MacOS app I distribute to our customer. I successfully signed my executable and the dmg that packages it with my Apple Developer certificate.
I then successfully submitted a notarization ticket for my dmg by using "xcrun notarytool submit" command line.
Nevertheless when reading the log, my notarization fails because of the following error in the json output:
{
"severity": "error",
"code": null,
"path": "MyDMG.dmg/MyApp.app/Contents/Resources/sklearn/.dylibs/libomp.dylib",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087721",
"architecture": "i386"
}
When running codesign -dv MyApp.app/Contents/Resources/sklearn/.dylibs/libomp.dylib
I see indeed that the existing signature seems to lack some valid elements (Team ID...):
Identifier=libomp-55554944b4aef647421b3b93bf0a9f6317d56c44
Format=Mach-O universal (i386 x86_64)
CodeDirectory v=20400 size=4104 flags=0x2(adhoc) hashes=122+2 location=embedded
Signature=adhoc
Info.plist=not bound
TeamIdentifier=not set
Sealed Resources=none
Internal requirements count=0 size=12
I tried to sign it with my Apple Developer certificate with codesign
using the "-f" option to erase the existing signature but it seems like it is impossible because I get the following error:
dist/dmg/Vib3s.app/Contents/Resources/sklearn/.dylibs/libomp.dylib: library validation flag cannot be used with an i386 binary
When I check again the file the signature indeed didn't change.
I also tried using an entitlements.plist file and setting the com.apple.security.cs.disable-library-validation
option to true
doesn't work.
Would you guys know the proper way to proceed to successfully notarize my app please?