My MacOS application has been accepted when submitted for notarisation but I am getting an error 65 when submitting for stapling. Further, notarisation fails even when run on a clean mac. It throws an unknown developer error.

Hi,

I have built a MacOS application that I intend to distribute directly. I have created a disk image and code-signed successfully with the following response.

xcrun notarytool info <UUID> --apple-id "<your-apple-id>" --password "<app-specific-password>" --team-id "<your-team-id>"

I have also submitted the app for notarisation which says it's accepted.

equipp@equipps-MacBook-Pro dist % xcrun notarytool submit SendFiles.dmg --keychain-profile "Sendfiles-Notarisation" --wait

Conducting pre-submission checks for SendFiles.dmg and initiating connection to the Apple notary service...

Submission ID received

id: a2941225-b036-47b3-a010-547b0dce6a1a

Upload progress: 100.00% (79.0 MB of 79.0 MB)

Successfully uploaded file

id: a2941225-b036-47b3-a010-547b0dce6a1a

path: /Users/equipp/Documents/GitHub/sendfiles/dist/SendFiles.dmg

Waiting for processing to complete.

Current status: Accepted................

Processing complete

id: a2941225-b036-47b3-a010-547b0dce6a1a

status: Accepted

When I run the application on a clean mac, I am still getting the error that this application is from an unidentified developer and might contain malware.(There's internet connection)

However, when I try to staple the application, I am getting an error 65. Unsure what's going wrong with the notarisation.

equipp@equipps-MacBook-Pro dist % xcrun stapler staple SendFiles.dmg

Processing: /Users/equipp/Documents/GitHub/sendfiles/dist/SendFiles.dmg

Could not validate ticket for /Users/equipp/Documents/GitHub/sendfiles/dist/SendFiles.dmg

The staple and validate action failed! Error 65.

equipp@equipps-MacBook-Pro dist %

Can you please help?

When posting preformatted code, it helps if you put it in a code block. See Quinn’s Top Ten DevForums Tips for advice on how to do that.

Error 65 means that you’re trying to staple a ticket to an item that’s not been validated by the notary service. However, you’ve clearly submitted that disk image to the notary service. I suspect that the disk image isn’t signed, and thus isn’t included in the resulting ticket.

Do this:

  1. Dump the code signature of the disk image:

    % codesign -d -vvv SendFiles.dmg
    
  2. Note down the cdhash value.

  3. Run stapler in verbose mode. You should see it looking for a ticket for that cdhash value.

  4. Fetch the notary log for your request. Does it list the cdhash value you get in step 1.

For advice on how to sign a disk image, see Packaging Mac software for distribution.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

My MacOS application has been accepted when submitted for notarisation but I am getting an error 65 when submitting for stapling. Further, notarisation fails even when run on a clean mac. It throws an unknown developer error.
 
 
Q