Hi people, I hope you could help me as I am stuck in a dead end.
I am a developper for company and we are changing from altool to notarytool.
Prior to that the code of the app has not been signed.
So now what I do is:
codesign --deep --force --verbose --timestamp --options runtime --sign "Developer ID Application: Phrase a.s. (${PHRASE_ID})" ${codesigne_app}
The result of this operation is verified with
codesign --deep --strict --vvv ${codesigne_app}
which ends in a lot of --prepared and --validated lines with
TranslationEditor.app: valid on disk
TranslationEditor.app: satisfies its Designated Requirement
Yet when I try to upload for notarization
res=$(xcrun notarytool submit te-build/dist/app/TranslationEditor.app.zip --apple-id stepan.svoboda@memsource.com --password $APP_PASSWORD --team-id ${PHRASE_ID} --wait 2>&1)
I get
{
"logFormatVersion": 1,
"jobId": "2b959997-4ac5-4bc5-a220-8f46d6b91a9b",
"status": "Invalid",
"statusSummary": "Archive contains critical validation errors",
"statusCode": 4000,
"archiveFilename": "TranslationEditor.app.zip",
"uploadDate": "2023-08-29T05:53:39.152Z",
"sha256": "938633e08d17f1d658ada3987017a8e9bf5afee96e5f976b31809df5daf5677c",
"ticketContents": null,
"issues": [
{
"severity": "error",
"code": null,
"path": "TranslationEditor.app.zip/TranslationEditor.app/Contents/MacOS/TranslationEditor",
"message": "The signature of the binary is invalid.",
"docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
"architecture": "x86_64"
}
]
}
I visited the link, tried to google, ChatGPT about it. Tried to verify the codesign ...
Do you know how I can learn why it is signature of the binary is invalid? Maybe to get some more detailed log? Something the hints on what was deemed invalid?
How I can debug that? How I can learn what is wrong? I am short on ideas.