Post

Replies

Boosts

Views

Activity

DMG is stapled & notarized yet user cannot open in Finder
Hey all. I "Archived" my XCode application, notarized through XCode, exported the .app and used a program create-dmg to generate a DMG for me. I then notarized this using the xcrun notarytool submit Lyric\ Fever\ 1.7.dmg --keychain-profile "notarytoolProfile" command as well as xcrun stapler staple Lyric\ Fever\ 1.7.dmg, both of which passed. Running syspolicy_check distribution also passes. So does xcrun stapler validate. This dmg still fails when testing using spctl. spctl -a -t open -vvv --context context:primary-signature Lyric\ Fever\ 1.7.dmg generates the following error: Lyric Fever 1.7.dmg: rejected origin=Apple Development: Avi Wadhwa (#######) Furthermore, I uploaded this dmg to github and redownloaded it. This newly downloaded dmg does not open in finder, prompting the "unidentifier developer, malware" message. Yet xcrun stapler validate passes, and so does syspolicy_check distribution. I know as per Eskimo's previous posts that this is not the ideal way to test notarization (and setting a macOS vm is the best method), but if I cannot download my own dmg from GitHub then something is clearly wrong.
1
0
571
Apr ’24