After adding CFBundleSupportedPlatforms key, error Error: code -20008 (Unable to validate your application. The Info.plist indicates a Mac app, but submitting an ipa. is disappeared Updated Info.plistfile: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CFBundleDevelopmentRegion</key> <string>English</string> <key>CFBundleExecutable</key> <string>HyperBIM-v0.36</string> <key>CFBundleGetInfoString</key> <string></string> <key>CFBundleIconFile</key> <string>hyperbim.icns</string> <key>CFBundleIdentifier</key> <string>com.hyperbim</string> <key>CFBundleInfoDictionaryVersion</key> <string>6.0</string> <key>CFBundleLongVersionString</key> <string></string> <key>CFBundleName</key> <string>HyperBIM-v0.36-22517</string> <key>CFBundlePackageType</key> <string>APPL</string> <key>CFBundleShortVersionString</key> <string>0.36</string> <key>CFBundleSignature</key> <string>????</string> <key>CFBundleVersion</key> <string>0.36-22517</string> <key>CSResourcesFileMapped</key> <true/> <key>NSHumanReadableCopyright</key> <string></string> <key>NSPrincipalClass</key> <string>NSApplication</string> <key>NSHighResolutionCapable</key> <string>True</string> <key>NSMainNibFile</key> <string>MainMenu</string> <key>CFBundleSupportedPlatforms</key> &#9;&#9;<array> &#9;&#9;&#9;&#9;<string>MacOSX</string> &#9;&#9;</array> <key>CFBundleDocumentTypes</key> <array> <dict> <key>CFBundleTypeRole</key> <string>Editor</string> <key>CFBundleTypeExtensions</key> <array> <string>FCStd</string> </array> <key>CFBundleTypeIconFile</key> <string>freecad-doc.icns</string> <key>LSIsAppleDefaultForType</key> <true/> </dict> <dict> <key>CFBundleTypeRole</key> <string>Editor</string> <key>CFBundleTypeExtensions</key> <array> <string>HYPcx</string> </array> <key>CFBundleTypeIconFile</key> <string>hyperbim-doc.icns</string> <key>LSIsAppleDefaultForType</key> <true/> </dict> </array> </dict> </plist> But now on validating app, it throwing list of below errors: xcrun altool --validate-app&#9;-t osx -f ./HyperBIM-v0.36-Signed.pkg&#9;-u <email-id> -p <app-specific-password> 2020-11-10 19:28:05.951 altool[22639:1150229] * Error: Unable to validate archive './HyperBIM-v0.36-Signed.pkg'. 2020-11-10 19:28:05.951 altool[22639:1150229] * Error: code 1091 (App Store operation failed. This bundle is invalid. Product archive "./HyperBIM-v0.36-Signed.pkg" could not be expanded (The operation couldn’t be completed. cpio read error: bad file format).) 2020-11-10 19:28:05.951 altool[22639:1150229] * Error: code 1091 (App Store operation failed. The product archive is invalid. An installer package containing an application bundle was not found in the archive.) 2020-11-10 19:28:05.951 altool[22639:1150229] * Error: code 1091 (App Store operation failed. Invalid product archive metadata. Error in keyPath [product-metadata.product-identifier]. Please re-build your archive with an up-to-date version of Xcode, and submit again.) 2020-11-10 19:28:05.951 altool[22639:1150229] *** Error: code 1091 (App Store operation failed. Invalid product archive metadata. Error in keyPath [product-metadata.product-version]. Please re-build your archive with an up-to-date version of Xcode, and submit again.)

The fundamental problem here is that an Apple Development signing identity is a code signing identity and thus not appropriate for signing an installer package. You need an installer signing identity; typically this is named Mac Installer Distribution (for submission to the Mac App Store) or Developer ID Installer (for independent distribution). Hi, yes after adding 3rd Party Mac Developer Installer certificate I able to signed the application using productsign tool. Could you also take look on below issue? https://developer.apple.com/forums/thread/665848 Thanks in advance!

I compared with the info.plist of one of my apps. I noticed a few differences. Copyright is empty. Don't know if some text required here, could try. Code Block <key>NSHumanReadableCopyright</key> <string></string> Yes, it can be empty. I do not see the NSMainNibFile key, which should be: Code Block <key>NSMainNibFile</key> <string>MainMenu</string> The BundleIdentifier is not in reversed DNS format, as asked for in doc;  Code Block <key>CFBundleIdentifier</key> <string>CreooxAG</string> After adding NSMainNibFile and changing CFBundleIdentifier from CreooxAG to com.hyperbim it still showing same error. xcrun altool --validate-app&#9;-t osx -f ./HyperBIM-v0.36-Signed.pkg&#9;-u <email_id> -p <app-specific-password> 2020-11-10 18:47:02.822 altool[21639:1114872] * Error: Unable to validate archive './HyperBIM-v0.36-Signed.pkg'. 2020-11-10 18:47:02.822 altool[21639:1114872] * Error: code -20008 (Unable to validate your application. The Info.plist indicates a Mac app, but submitting an ipa.) Here is how my Info.plist look like after these updates: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CFBundleDevelopmentRegion</key> <string>English</string> <key>CFBundleExecutable</key> <string>HyperBIM-v0.36</string> <key>CFBundleGetInfoString</key> <string></string> <key>CFBundleIconFile</key> <string>hyperbim.icns</string> <key>CFBundleIdentifier</key> <string>com.hyperbim</string> <key>CFBundleInfoDictionaryVersion</key> <string>6.0</string> <key>CFBundleLongVersionString</key> <string></string> <key>CFBundleName</key> <string>HyperBIM-v0.36-22517</string> <key>CFBundlePackageType</key> <string>APPL</string> <key>CFBundleShortVersionString</key> <string>0.36</string> <key>CFBundleSignature</key> <string>????</string> <key>CFBundleVersion</key> <string>0.36-22517</string> <key>CSResourcesFileMapped</key> <true/> <key>NSHumanReadableCopyright</key> <string></string> <key>NSPrincipalClass</key> <string>NSApplication</string> <key>NSHighResolutionCapable</key> <string>True</string> <key>NSMainNibFile</key> <string>MainMenu</string> <key>CFBundleDocumentTypes</key> <array> <dict> <key>CFBundleTypeRole</key> <string>Editor</string> <key>CFBundleTypeExtensions</key> <array> <string>FCStd</string> </array> <key>CFBundleTypeIconFile</key> <string>freecad-doc.icns</string> <key>LSIsAppleDefaultForType</key> <true/> </dict> <dict> <key>CFBundleTypeRole</key> <string>Editor</string> <key>CFBundleTypeExtensions</key> <array> <string>HYPcx</string> </array> <key>CFBundleTypeIconFile</key> <string>hyperbim-doc.icns</string> <key>LSIsAppleDefaultForType</key> <true/> </dict> </array> </dict> </plist>

Oh, one more thing: Why are you running codesign using sudo? That’s generally not necessary and can cause problems [1]. I recommend that you retest this as follows: Log in to the GUI of the Mac that has the Apple Development: Amritpal Singh (…) identity in its keychain. In Terminal, run security find-identity -v -p codesigning (without the sudo) to confirm that it’s available. Then use codesign (again without the sudo) to sign a simple test tool. What do you see in that case? Yes, without sudo I able to signed the image. $ codesign --deep -s "Apple Development: Amritpal Singh (KC65BTVN4Z)" ./HyperBIM-v0.36.app $ codesign -d --verbose&#9;./HyperBIM-v0.36.app Executable=<path>/APP/HyperBIM-v0.36.app/Contents/MacOS/HyperBIM-v0.36 Identifier=Creoox AG Format=app bundle with generic CodeDirectory v=20200 size=201 flags=0x0(none) hashes=1+3 location=embedded Signature size=4816 Signed Time=03-Nov-2020 at 8:21:29 PM Info.plist entries=17 TeamIdentifier=787KY3SBUJ Sealed Resources version=2 rules=13 files=23070 Internal requirements count=2 size=228 Thanks Eskimo!

Xcode can only sign code that it builds. Based on the snippets in your original post I presumed that you’re not building your app with Xcode. Yes, *.app is build without using Xcode. Does that mean they were previously set to different values? By default trust of certificates is set to "Use System Defaults" and the remaining ones are set to "no value specified". I mean I tried to signing my app with both permission "Use System Defaults" and "Always Trust" but none them solve this problem.

The next most common cause of this problem is a custom trust setting on one of the certificates involved. Use Certificate Assistant to view that chain of certificates: Run Keychain Access. Select your Apple Development: Amritpal Singh (KC65BTVN4Z) certificate. Choose Keychain Access > Certificate Assistant > Evaluate “Apple Development: Amritpal Singh (KC65BTVN4Z)”. Select Code Signing and click Continue. Click Show Certificates to view the chain. As you suggested, I able to see the whole chain Apple Root CA -> Apple Worldwide Developer Relations Certification Authority -> Apple Development: Amritpal Singh (KC65BTVN4Z) and clicking on all three certificates in Certificate Assistant dialog, it shows This certificate is valid. You can then open each certificate in Keychain Access and check its trust settings. To do this: Find the certificate in Keychain Access. Double click it Click the disclosure triangle to display the Trust section. Confirm that the first popup is set to Use System Defaults and the remaining ones are set to “no value specified”. Unfortunately, after changing trust of certificate to "Use System Defaults" and the remaining ones are set to “no value specified” I still getting same error. I also tried to change trust to "Always Trust" but it also not change anything. If codesign tool create problem here, then can we use Xcode to sign my *.app folder. I tried to open *.app folder but Xcode but it throw an error Could not open file. (<path>/my.app). Could you tell me the tutorial/process to sign *.app folder using Xcode (GUI or CLI)? Thanks

Hi Eskimo, As you suggested, I have added WWDR Certificate (Expiring 02/07/2023 21:48:47 UTC) WWDR Certificate (Expiring 02/20/2030 12:00:00 UTC) and Worldwide Developer Relations - G2 Certificate to Keychain Access. λ ~/ sudo security find-identity /Users/ambu/Library/Keychains/login.keychain-db Policy: X.509 Basic &#9;Matching identities &#9;1) AFF80D6344B85AC51D5A44443B9AA5FF7B09A824 "Apple Development: Amritpal Singh (KC65BTVN4Z)" (CSSMERR_TP_NOT_TRUSTED) &#9;&#9; 1 identities found &#9;Valid identities only &#9;1) AFF80D6344B85AC51D5A44443B9AA5FF7B09A824 "Apple Development: Amritpal Singh (KC65BTVN4Z)" (CSSMERR_TP_NOT_TRUSTED) &#9;&#9; 1 valid identities found λ ~/ sudo security find-identity -v -p codesigning &#9;1) AFF80D6344B85AC51D5A44443B9AA5FF7B09A824 "Apple Development: Amritpal Singh (KC65BTVN4Z)" (CSSMERR_TP_NOT_TRUSTED) &#9;&#9; 1 valid identities found But, while code sign *.app, I still getting same error: λ ~/ sudo codesign&#9;--force -s "Apple Development: Amritpal Singh (KC65BTVN4Z)" /Users/ambu/Documents/creoox/FreeCAD-AppImage/conda/osx_dev/APP/HyperBIM-v0.36.app/ Password: /Users/ambu/Documents/creoox/FreeCAD-AppImage/conda/osx_dev/APP/HyperBIM-v0.36.app/: replacing existing signature Warning: unable to build chain to self-signed root for signer "Apple Development: Amritpal Singh (KC65BTVN4Z)" /Users/ambu/Documents/creoox/FreeCAD-AppImage/conda/osx_dev/APP/HyperBIM-v0.36.app/: errSecInternalComponent Do you have any guess where I am wrong? Thanks in advance!