0 Replies
      Latest reply on Jun 4, 2019 4:24 PM by rtrouton
      rtrouton Level 1 Level 1 (0 points)

        Question: Is there functionality in macOS Catalina's AppleScript Script Editor / Automator for notarizing apps built using these tools, similar to what's available in Xcode?



        Answer: Command line tools need to be used for notarization.



        Question: If not, is there documentation available for notarizing Automator and AppleScript apps as a post-build action?



        Answer: Yes, use the documentation for command line notarization using altool.



        Customizing the Notarization Workflow: https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution/customizing_the_notarization_workflow



        Question: Why do signed apps need to be zipped / disk imaged / packaged before notarization?



        Answer: The notarization service can only accept single objects. If there's a situation where this isn't an option, contact ADC Support and they should be able to assist.



        Developer Support: https://developer.apple.com/support/



        Question: How can I store and access the notarization one-time password in a keychain?



        Answer: Refer to the altool man page (only available once Xcode has been installed) for the various ways to pass the one-time password to altool. If using a keychain, reference keychain name, then the name of the password object inside the keychain.



        Question: You can staple an installer package and disk image directly, but zip files can't be stapled directly. Why?



        Answer: For disk images and packages, Apple can add metadata to a signed .dmg and .pkg to add the stapling. They can't do that for a zip file without injecting a file into the .zip archive, which would modify the contents of the .zip file. This is undesired behavior from Apple's point of view, so they're not doing it.