Post

Replies

Boosts

Views

Activity

Reply to The signature of the binary is invalid
Could this be failing because the timestamps are inconsistent? pkgutil is reporting the timestamp in UTC, but codesign appears to have used local time which in my case (UTC+13) is ahead of the package signing time, UTC, and the local time at the at the notarization server. pkgutil --check-signature myapp.pkg Package "myapp.pkg": Status: signed by a developer certificate issued by Apple for distribution Signed with a trusted timestamp on: 2023-12-19 22:02:34 +0000 ... codesign --display -v --deep --strict myapp.app Executable=/path/to/myapp.app/Contents/MacOS/myapp Identifier=myapp Format=app bundle with Mach-O universal (x86_64 arm64) CodeDirectory v=20500 size=76755 flags=0x10000(runtime) hashes=2392+3 location=embedded Signature size=8991 Timestamp=20/12/2023 at 11:02:19 AM ...
Dec ’23