Altool Depreciated Notary Tool Q/A?

I noticed that the Altool has been downgraded and is being replaced by the notary tool. I used to send pkg in for notarization like this

xcrun altool --notarize-app --primary-bundle-id "com.Product.pkg" -u "Email@com" -p "1111-2222-3333-4444" -t osx -f Product.pkg

Is it possible to see/get an example of the new notary tool terminal command to be used instead?

I assume also that stapling would be done in the same manor like this directly after notarization is complete and confirmed via email,

xcrun stapler staple Product.pkg

Thank you!!

I have added a notary profile named "NotaryProfile" with app password to keychain is it this by chance?

xcrun notarytool submit "com.Product.pkg" --keychain-profile "NotaryProfile" --wait 

then wait until confirmation and staple?

xcrun stapler staple Product.pkg

There are like 5 videos explaining how it is easier to use notary tool than Altool, however no actual technical infos about terminal commands just some [Apple security engineer] saying how much easier the new way is, just need technical infos. Here is a suggestion […] pay a developer to make an All in one utility for codesiging notarizing and stapling in order to avoid the terminal..

Is it possible to see/get an example of the new notary tool terminal command to be used instead?

Sure. Here’s the command I use:

% xcrun notarytool submit CREDENTIALS /path/to/file/to/submit

where CREDENTIALS is my credentials. You have two options for that:

  • App-specific password

  • App Store Connect API key

For internal reasons I have to use the latter. In that case CREDENTIALS looks like this:

--key /path/to/key.p8 --key-id KEY_ID -i ISSUER

where key.p8 is the App Store Connect API key, KEY_ID is the key ID, and ISSUER is the issuer UUID, both of which you get when you create that key.

If you want to continue using an app-specific password, follow the instructions in Customizing the notarization workflow.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Altool Depreciated Notary Tool Q/A?
 
 
Q