I have used the same notarization commands many times on Mojave and Catalina.. but now when I have upgraded to Big Sur and am trying to notarize as I always do I get an error when I issue the notarization command itself.
I am on Big Sur and am using Xcode 12.2 and it's command line tools.
This is the command as I issued it:
xcrun altool --notarize-app --primary-bundle-id net.omnis.OmnisStudio --file /Users/Das\'s/Desktop/Deploying/Jyotish\ Studio\ 5/Jyotish\ Studio\ 6.zip --username das@xxxxxxani.com --password syfe-xxxx-xxxx-wvug
Like I said that syntax has worked before in two different versions of Xcode on both Mojave and Catalina.. but now it gives the following error text:
What do I do?
2020-11-15 19:10:56.848 altool[3559:161558] CFURLRequestSetHTTPCookieStorageAcceptPolicyblockinvoke: no longer implemented and should not be called
2020-11-15 19:10:59.458 altool[3559:161563] Error:
/Applications/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/itms/bin/iTMSTransporter: eval: line 314: syntax error near unexpected token ('
/Applications/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/itms/bin/iTMSTransporter: eval: line 314: exec "/Applications/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/itms/java/bin/java" -XX:NewSize=2m -Xms32m -DWORootDirectory="" -DWOLocalRootDirectory="" -DWOUserDirectory="/Users/Das's" -DWOEnvClassPath="" -DWOApplicationClass=com.apple.transporter.launcher.Application -DWOPlatform=MacOS -Dcom.webobjects.pid=3560 -Xmx2048m -Xms1024m -Djava.awt.headless=true -Dsun.net.http.retryPost=false -Dhttps.protocols=TLSv1.3,TLSv1.2,TLSv1.1 -Djava.net.preferIPv4Stack=true -DTxHeaders="eyJqZW5nYSI6dHJ1ZX0=" -Dtransporter.client='altool' -Dtransporter.client.version='4.029 (1194)' -Djava.library.path=/Applications/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/itms/macOS/lib:/Users/Das's/Library/Java/Extensions:/Library/Java/Extensions:/Network/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java:. -Djava.security.properties=file:///Applications/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/itms/macOS/conf/java.security -Dmacos.arch=x8664 -Dmacos.rosetta.available=false --illegal-access=deny -p /Applications/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/itms/modules --add-modules=java.activation,java.net.http,java.sql,java.xml,java.xml.bind --add-exports=java.base/sun.security.provider.certpath=ALL-UNNAMED --add-opens=java.xml/com.sun.org.apache.xalan.internal.xsltc.trax=ALL-UNNAMED -jar ./lib/itmstransporter-launcher.jar "-m" "upload" "-u" 'das@goravani.com' "-vp" "json" -DTxHeaders="eyJqZW5nYSI6dHJ1ZX0=" "-sessionid" "@env:D9FFA525-02C1-4341-AFDC-98E2DF432315" "-sharedsecret" "@env:EC47BFA2-50E2-48B0-ABB5-86568BE51E4A" "-f" '/var/folders/f8/l0bl5pwj7sg5j10tq0s6dfc0000gp/T/34B69604-629F-4234-A18E-ADF2608903D5/net.omnis.OmnisStudio.itmsp' "-indicator" "true" "-v" "eXtreme" -Dtransporter.client='altool' -Dtransporter.client.version='4.029 (1194)''
2020-11-15 19:10:59.459 altool[3559:161563] Out:
2020-11-15 19:10:59.478 altool[3559:161552] * Error: Unable to notarize app.
2020-11-15 19:10:59.478 altool[3559:161552] * Error: code -10000 (An error occurred uploading to the App Store.)
Post
Replies
Boosts
Views
Activity
I have an app not made in Xcode, which I notarize. I have no problem notarizing it in a Catalina VM I run with Xcode 11.4 but on my BigSur MacBook Pro with Xcode 12.5.1 (the latest) I cannot code sign. I get the message "resource fork and finder info and similar detritus not allowed". I get this even if I do Xattrib -cr first to clear it all. Code signing my app takes a few code signing commands. The first few go OK but then on the next couple it immediately says that error message as if the first ones inserted more detritus. I cannot finish code signing.
First I do this:
xattr -cr "/Users/richard/Desktop/Deploying/Jyotish Studio 5/Jyotish Studio 7.1.app"
Then I do this:
codesign -f --deep -o runtime --entitlements /Users/richard/Desktop/Deploying/standard_entitlements.plist --timestamp --verbose -s "Developer ID Application: Das Goravani (K6ZXXXXRU)" /Users/richard/Desktop/Deploying/Jyotish\ Studio\ 5/Jyotish\ Studio\ 7.1.app
that one above signs everything, and it seems to insert some detritus because when I issue the next one to seal up the app it gives the error now, but note it does not give the error using the exact same commands in 11.4 on Catalina. Here's the command that gives the error after doing the above:
codesign -f -o runtime --entitlements /Users/richard/Desktop/Deploying/standard_entitlements.plist --timestamp --verbose -s "Developer ID Application: Das Goravani (K6XXXXXRU)" /Users/richard/Desktop/Deploying/Jyotish\ Studio\ 5/Jyotish\ Studio\ 7.1.app
Why do the exact same commands work on 11.4 Xcode and Catalina on a Virtual machine I run and not on BigSur with Xcode 12.5.1?
I cannot now notarize if I use only my main Mac main OS which is BigSur.. can't notarize. I have to run the VM, I have to keep it around, which takes up a lot of drive space, just for notarizing, which bugs me.
Note that I AM doing the xattrib -cr command first to clear all finder info etc.. but somehow it comes back due to signing the app. I also downloaded and tried an app for cleaning detritus from the app, it's called Clean Detritus.. I tried that, ran it, and got the same problem anyway.
Please help.
My tags are Zsh and Command Line Tools
I don't know if either of those apply to what is happening to me.
I have a script which is all the files in my app, for each there's a code sign command in this script. I run the script, and what is happening, according to what it shows in Terminal, it is not finishing the first command, it is starting the second command in the path section of the first, first just cuts off and second begins right there, no return
So naturally it finds a syntax error in the text eventually, none of the commands are run, it just prints the text of the script to screen with the commands merged as I said.
If I copy the commands out of the script one by one and run them in Terminal they run each just fine.
I did chmod 777 Path on the script file. I was told I have to do that to make it able to be run in Termimal.
Those all there is to this. I can't run a perfectly fine script. It checks out in Text and Pages, show invisibles, there are none that are not meant to be there, only spaces and a return at the end of each command.
Why would commands that work singly, not work in a script that is being run simply by dragging it to terminal, the path is typed, the hit return
I am new to this area, I program in a high level language, I only know it, I don't know what most coders know about Terminal and things like privileges, and many things. I only know Omnis.
Thank you.
Das Goravani
I represent a number of "Omnis Developers", people who write apps with Omnis, a RAD, high level language, that does not compile, but rather, we distribute an Omnis Runtime app with our library of code that is interpreted at runtime. We create business apps mainly.
To distribute our apps we include our library of code with a copy of the Omnis runtime app. So when we go to code sign and notarize our apps we are actually signing and notarizing the Omnis app, which we did not create, we license it. Omnis Inc. creates and maintains their executable that we license and distribute.
So when we approach Notarization, we are not the developers of the app we are notarizing. We do not intimately know it's insides, where is the code, and what doesn't need to be code signed.
We were provided a path to notarization by Omnis Inc and it worked fine, still works fine, under Catalina and Xcode 11. That method included using the --deep command. It worked. Omnis is a non-standard app I believe, in terms of where it has code inside it.
Under BigSur and Xcode 12 the --deep command inserts detritus.. you get that message that finder information and similar detritus is not allowed. You cannot finally sign the main app after signing ALL of it's insides. You get stuck.
Instead of using the --deep command Apple recommended to me, or one engineer did, that I sign the insides of the app manually. I did that, but not knowing what to sign I signed everything. I got the "similar detritus" problem.
I am petitioning Omnis to give me a list of folders inside the app that actually need to be code signed. I am hoping that by signing only some things that I will not get the detritus message.
I am posting about this here in case anyone has anything to tell me that will help me.
I have the work around of running a Catalina Virtual Machine and Xcode 11.. that is what I am doing presently. One developer pointed out that Apple will probably not allow code signing from older OS's eventually.. and we will be really stuck. So I am working on this issue presently.
Either the --deep command has to work and not insert detritus, or signing everything has to not insert detritus, or a list of things to sign will not insert detritus.. one of these has to give way to signing without that message coming up.
This is of concern to many Omnis developers worldwide.
We have the Catalina workaround, but for how long?
Sincerely,
Das Goravani
Hello everyone,
I have a MacMini server set up. I recently moved from Florida to North Carolina. Everything was working fine in FL. Now in NC my mail server won't work, as port 25 seems to be blocked.
I am using Dynamic IP Addressing with NO-IP.com. So yes, I have a mail server on a Dynamically Addressed server. This is all in an effort to save money. Also I have to have my own server due to a database engine I run off one of my sites. The database software runs only on Mac, so hence I have a Mac server. I chose to run my email off it, but soon found that I was blacklisted, something that I now know comes from simply being on NO-IP. Consequently I no longer use my mail server for outgoing email, only to receive on an old domain and it's email addresses that are legacy to my business. It is for business reasons that I want these old email addresses to still be able to receive.
I set up everything in NC identical to how it was in FL. I'm with the ISP Spectrum in both states. I have today called Spectrum NC and verified that they do not close any ports. They do not. So it's not my ISP.
On the Mac server, using Network Utility and the PortScan feature it says that port 25 is open. Another technical person did some remote checks and found that port 25 was open.
However if you Telnet into the IP address and port 25 you get a time out error message.
Using MXToolBox on the web also shows that there is a time out.
Mail sent to the addresses simply does not arrive.
I am sending test emails and after awhile getting back undeliverable mail letters stating that connection was refused.
My Mail Serving software on the server says in it's Mail Que that connection was refused.
So some types of checks of port 25 say that it is open while the checks that matter say connection refused, time out, etc.
NO-IP checked my account and says there are no issues. Indeed DNS to the website I host on my server works.. I am able to pull up the website on a remote computer. Spectrum says they do not close ports. I am with Spectrum now as I was when I lived in FL. Everything worked there, but here mail is not working on port 25.
I am aware that my site is black listed on a few sites that do that. This makes sending mail bad, but I use it only to receive. I do my outgoing mail on an iCloud.com account. But I still want to receive on these addresses.
The IP number is currently 107.15.211.220 though this could conceivably change.
The domain is Goravani.com
The server is running Catalina.
The person who wrote MailServe is helpful. He tried to test my port remotely and he said he was able to reach the edge of my router's turf but was NOT able to reach the server through port 25. He assured me therefore that the problem is with the router, or my ISP, or somewhere NOT within his software which is simply called MailServe.
Mind you again that the blacklist's did NOT prevent my mail from working when I lived in FL just days ago. So don't say that the blacklist's are causing this, as they did not.
Everything else is working properly, namely HTTP is working, my website is being served.
I have forwarded the ports as usual through the router. I am very familiar with doing that.
Everything was working in Florida, and before that I lived in Portland Oregon and everything worked there as well. Only now that I move to NC mail alone is not working. Nothing changed, I just moved the server and router to a new address. Given that NO-IP is what I'm using, moving is not a problem normally. They handle the DNS for the new dynamic IP.