Hi, thank you for the reply.
I did check the Notary Log, and it did give me more detailed response than the API.
However, I don't quite understand why it's failing.
Here is the error response I got:
"issues": [
{
"severity": "error",
"code": null,
"path": "cariad-vv.dmg/cariad-vv",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087721",
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "cariad-vv.dmg/cariad-vv",
"message": "The signature does not include a secure timestamp.",
"docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087733",
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "cariad-vv.dmg/cariad-vv",
"message": "The executable does not have the hardened runtime enabled.",
"docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087724",
"architecture": "x86_64"
}
]
However, I did verify the code, and here is the response
/Users/runner/work/1/a/cli/osx-x64/cariad-vv.dmg: valid on disk
/Users/runner/work/1/a/cli/osx-x64/cariad-vv.dmg: satisfies its Designated Requirement
Display codesign...
Executable=/Users/runner/work/1/a/cli/osx-x64/cariad-vv.dmg
Identifier=cariad-vv
Format=disk image
CodeDirectory v=20200 size=297 flags=0x10000(runtime) hashes=1+6 location=embedded
Signature size=8974
Timestamp=Feb 22, 2024 at 12:18:19 AM
Info.plist=not bound
TeamIdentifier=974NQDDRW2
Sealed Resources=none
Internal requirements count=1 size=172
I also codesign it with the these 2 options --options runtime --timestamp, which are for secure timestamp and enable the hardened runtime, right?
I wonder if I missed any steps.
Thank you for the help.