I'm trying to notarize an existing color picker pane. Color picker panes (additions to the system colorpicker) are bundles with a .colorPicker extension and a structure similar to a .app bundle.
1.) I signed the colorPicker bundle with:
codesign -f -s "Developer ID Application: MyCompany, LLC " /Users/ralph/MyColorPicker.colorPicker --timestamp --deep --options runtime
note the --timestamp
2.) I then used DropDMG to wrap the .colorPicker bundle in a dmg and then signed the dmg
codesign -f -s "Developer ID Application: MyCompany, LLC " /Users/ralph/MyColorPicker.colorPicker.dmg --timestamp --deep --options runtime
3.) I then submitted the dmg to the notarization service with:
xcrun altool --notarize-app -f /Users/ralph/MyColorPicker.colorPicker.dmg
--primary-bundle-id com.mycompany.MyColorPicker -u AppleID -p AppSpecificPassword
It loaded without error, but then the dread email...
Your Mac software was not notarized
After going throughthe conniptions to get the ridiculously long URL for the log file, this is what it thinks is wrong
{
"severity": "error",
"code": null,
"path": "MyColorPicker.colorPicker.dmg/MyColorPicker.colorPicker/Contents/Resources/EWSMacCompress.tar.gz/EWSMacCompress.tar/EWSMac.framework/Versions/A/EWSMac67108868",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64h"
},
{
"severity": "error",
"code": null,
"path": "MyColorPicker.colorPicker.dmg/MyColorPicker.colorPicker/Contents/Resources/EWSMacCompress.tar.gz/EWSMacCompress.tar/EWSMac.framework/Versions/A/EWSMac67108868",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64h"
}
??? I thought I signed it and with the --timestamp option.
Investigating:
codesign -vvv --deep --strict /Users/ralph/MyColorPicker.colorPicker.dmg
results in:
/Users/ralph/MyColorPicker.colorPicker.dmg: valid on disk
/Users/ralph/MyColorPicker.colorPicker.dmg: satisfies its Designated Requirement
codesign -dvv /Users/ralph/MyColorPicker.colorPicker.dmg
results in:
Identifier=MyColorPicker.colorPicker
Format=disk image
CodeDirectory v=20200 size=319 flags=0x10000(runtime) hashes=1+6 location=embedded
Signature size=8939
Authority=Developer ID Application: MyCompany, LLC (XXXXXXXXXX)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=Apr 16, 2020 at 10:06:14 AM
Info.plist=not bound
TeamIdentifier=XXXXXXXXXX
Sealed Resources=none
Internal requirements count=1 size=192
--------------------------------
Any insights greatly appreciated. This is driving me nuts.