Hello, I'm trying to submit an app to apple connect that is build outside of xcode but I'm getting this email saying the files have an invalid signature. I'm doing a step wrong or maybe using the wrong signature but not sure what is supposed to be the way to do it.
The app is written with python and pyside, and packaged with pyinstaller.
In the pyinstaller .spec file I set the codesign_identity
and entitlements_file
and also fill some things to the info_plist
(CFBundleVersion, LSApplicationCategoryType, etc).
This results in a .app
file, which then I run a command on it:
productbuild --component path/to/file.app /Applications path/to/file.pkg --sign <id>
And then push with:
xcrun altool --upload-app path/to/file.pkg --type macos -u <username> -p <password>
I'm able to upload but then I get the email with the signature error (ITMS-90238: Invalid Signature).
Are these steps ok, or something else is needed?
macOS supports two different categories of signing identities:
-
Code signing identities
-
Install signing identities
Within each category there are different identities for each distribution channel. For code signing, see the list in the Confirm Your Code Signing Identity section of Creating Distribution-Signed Code for Mac. For installer signing, see the Build an Installer Package section of Packaging Mac Software for Distribution.
My understanding is that you want to distribute via the Mac App Store. If so:
-
You’ll need an
Apple Distribution: TTT
identity to sign your code (or the old school3rd Party Mac Developer Application: TTT
equivalent). -
You’ll need an
3rd Party Mac Developer Installer: TTT
identity to sign your installer package.
Apple Development: TTT
signing identities are for day-to-day code signing during development. And Developer ID Application: TTT
ones are for signing code that’s distributed independently.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"