I was trying to follow the steps of signing my library -> submit it for notarization -> staple it. The first two stages show no error but I had some issues with the final stage of stapling. For example, if I want to staple one of my dynamic libraries, as following,
xcrun stapler staple --verbose libs/libX11.6.dylib
I got the following error,
Processing: /Applications/RMCProfile/libs/libX11.6.dylib
Properties are {
NSURLIsDirectoryKey = 0;
NSURLIsPackageKey = 0;
NSURLIsSymbolicLinkKey = 0;
NSURLLocalizedTypeDescriptionKey = "Unix Executable File";
NSURLTypeIdentifierKey = "com.apple.mach-o-dylib";
"_NSURLIsApplicationKey" = 0;
}
Props are {
cdhash = {length = 20, bytes = 0xbd1e9c1fcae2663f3bb56af9f789557164badd00};
digestAlgorithm = 2;
flags = 65536;
secureTimestamp = "2021-04-25 22:37:07 +0000";
signingId = "org.xquartz.libX11.6.dylib";
teamId = NA574AWV7E;
}
JSON Data is {
records = (
{
recordName = "2/2/bd1e9c1fcae2663f3bb56af9f789557164badd00";
}
);
}
Headers: {
"Content-Type" = "application/json";
}
Domain is api.apple-cloudkit.com
Certificate trust evaluation did not return expected result. (5) [leaf AnchorApple IntermediateMarkerOid LeafMarkersProdAndQA]
Certificate trust evaluation for api.apple-cloudkit.com did not return expected result. Certificate authority pinning mismatch.
Certificate trust evaluation did not return expected result. (5) [leaf AnchorApple IntermediateMarkerOid LeafMarkersProdAndQA]
Certificate trust evaluation for api.apple-cloudkit.com did not return expected result. Certificate authority pinning mismatch.
Could not establish secure connection to api.apple-cloudkit.com
Response is (null)
error is Error Domain=NSURLErrorDomain Code=-999 "cancelled" UserInfo={NSErrorFailingURLStringKey=https://api.apple-cloudkit.com/database/1/com.apple.gk.ticket-delivery/production/public/records/lookup, NSErrorFailingURLKey=https://api.apple-cloudkit.com/database/1/com.apple.gk.ticket-delivery/production/public/records/lookup, _NSURLErrorRelatedURLSessionTaskErrorKey=(
"LocalDataTask <753649B9-EBC8-42CE-B0DD-0862A2B0D62B>.<1>"
), _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <753649B9-EBC8-42CE-B0DD-0862A2B0D62B>.<1>, NSLocalizedDescription=cancelled}
Size of data is 0
CloudKit's response is inconsistent with expections: (null)
The staple and validate action failed! Error 68.
Can anyone share some thoughts about this? Thank you!
Post
Replies
Boosts
Views
Activity
I have a Fortran program and I compiled it with gfortran, like what follows,
gfortran -mmacosx-version-min=10.14.3 -ffixed-line-length-none -c ../main_tools/thermal_ellipsoid.f90
gfortran -o thermal_ellipsoid thermal_ellipsoid.o
The compiled executable thermal_ellipsoid is working fine locally. However, when I tried to sign the executable using codesign, it was failing. Here follows is the command I used to sign the executable,
codesign -f --timestamp -o runtime -v --sign 'Developer ID Application: XXXXX' thermal_ellipsoid
and here is the error I got,
./thermal_ellipsoid
dyld[45718]: Library not loaded: /usr/local/opt/gcc/lib/gcc/current/libgfortran.5.dylib
Referenced from: <37A6CBC1-BFE9-31F0-B397-34A05BBA2B6C> /Users/y8z/Dev/RMCProfile/mac-gfortran/thermal_ellipsoid
Reason: tried: '/usr/local/opt/gcc/lib/gcc/current/libgfortran.5.dylib' (code signature in <CF6596E0-B4AA-3AD2-9620-74B6FC158924> '/usr/local/Cellar/gcc/13.2.0/lib/gcc/current/libgfortran.5.dylib' not valid for use in process: mapped file has no cdhash, completely unsigned? Code has to be at least ad-hoc signed.), '/System/Volumes/Preboot/Cryptexes/OS/usr/local/opt/gcc/lib/gcc/current/libgfortran.5.dylib' (no such file), '/usr/local/opt/gcc/lib/gcc/current/libgfortran.5.dylib' (code signature in <CF6596E0-B4AA-3AD2-9620-74B6FC158924> '/usr/local/Cellar/gcc/13.2.0/lib/gcc/current/libgfortran.5.dylib' not valid for use in process: mapped file has no cdhash, completely unsigned? Code has to be at least ad-hoc signed.), '/usr/lib/libgfortran.5.dylib' (no such file, not in dyld cache), '/usr/local/Cellar/gcc/13.2.0/lib/gcc/current/libgfortran.5.dylib' (code signature in <CF6596E0-B4AA-3AD2-9620-74B6FC158924> '/usr/local/Cellar/gcc/13.2.0/lib/gcc/current/libgfortran.5.dylib' not valid for use in process: mapped file has no cdhash, completely unsigned? Code has to be at least ad-hoc signed.), '/System/Volumes/Preboot/Cryptexes/OS/usr/local/Cellar/gcc/13.2.0/lib/gcc/current/libgfortran.5.dylib' (no such file), '/usr/local/Cellar/gcc/13.2.0/lib/gcc/current/libgfortran.5.dylib' (code signature in <CF6596E0-B4AA-3AD2-9620-74B6FC158924> '/usr/local/Cellar/gcc/13.2.0/lib/gcc/current/libgfortran.5.dylib' not valid for use in process: mapped file has no cdhash, completely unsigned? Code has to be at least ad-hoc signed.), '/usr/lib/libgfortran.5.dylib' (no such file, not in dyld cache)
[1] 45718 abort ./thermal_ellipsoid
Is there anything wrong with my code signing?