Unable to notarize a framework installer

App & System Services General
mixage OP
Created Jan ’21
Replies 2
Boosts 0
Views 1.1k
Participants 2
Hello,

I'm trying to notarize a framework updated to universal 2 architectures (x8664 arm64) with no success.

The framework is signed with "Developer ID Application ..."
The Installer is signed with "Developer ID Installer..."

Notarizing:

xcrun altool --notarize-app --primary-bundle-id "(bundle ID)" --username "(username)" --password "(password)" --file (installer path)

Result:
No errors uploading 'installer.pkg'.
RequestUUID = (notarization ID)

Checking notarization status:
xcrun altool --notarization-info (notarization ID) --username "(username)" --password "(password)"

Result:
Status: invalid
Status Code: 2
Status Message: Package Invalid

spctl --assess -v --type install (installer path)

Result:
installer.pkg: rejected
source=Unnotarized Developer ID

Previous version (i386 x8664) of the framework installer was notarized with no problems. However, trying to re-notarize a fresh build of the previous version fails with the same status.

Some ideas?

Thank you :)

Bruno


Answered by DTS Engineer in 657705022
If you fetch the notarisation log, what does it say?

To fetch fetch the log:

  1. Run --notarization-info.

  2. It prints the LogFileURL property.

  3. Fetch that using your tool of choice (Safari, curl, and so on).

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
Replies  2
Boosts  0
Views  1.1k
Participants  2
DTS Engineer OP
Apple
Jan ’21
Accepted Answer
If you fetch the notarisation log, what does it say?

To fetch fetch the log:

  1. Run --notarization-info.

  2. It prints the LogFileURL property.

  3. Fetch that using your tool of choice (Safari, curl, and so on).

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
0
mixage OP
Jan ’21
Thank you Quinn :)

Checking the notarization status:
xcrun altool --notarization-info (notarization ID) --username "(username)" --password "password"

I''ve got this error description in the returned log:

"issues": [
{
"severity": "error",
"code": null,
"path": "framework.pkg
Contents/Payload/Library/Frameworks/framework.framework/Versions/A/framework",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
},
{
"severity": "error",
"code": null,
"path": "framework.pkg
Contents/Payload/Library/Frameworks/framework.framework/Versions/A/framework",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "arm64"
}
]

Adding the --timestamp flag to XCode "other signing flags"solved the issue.


0
Unable to notarize a framework installer
First post date Last post date
 
 
Q