Why: Unable to validate your application

I have a notarized Mac OSX app in a code signed pkg (package) with some non executable files in there as well, like fonts, a website... but when I try to notarize the pkg file, no matter how much I look up answers and try different command line variations, I get


Error: Unable to validate your application. We are unable to create an authentication session.


The package is "valid on disk" and "satisfies all requirements" when checked. So it's signed correctly. The pkg does have a 'run at end' script in it, something that Packages the program, allows.
I have really tried everything, including putting the pkg in a dmg, signing that, and submitting that for notarization, I get the same error.


I'm on Mojave 10.14.6, the latest, with the latest xcode, 11, and have installed the Command_Line_Tools_for_Xcode_11.dmg


Remember, I was able to successfully notarize and staple my mac app, which in my case is Omnis, an app that makes applications, is a widely used product, they have hammered out all problems


It's only trying to notarize my signed package that gives the error.


Any ideas appreciated. Sincerely, "Goravani"

Replies

Today is a day later, and I tried everything from the start. I have all my code signing commands in a text file so I can reproduce what has worked before. Before, I was able to notarize my app packaged in a zip file. This was during the week. Today I try to reproduce that, doing exactly the same commands, and it won't work, gives the error


Unable to validate your application. We are unable to create an authentication session.


I have tried everything I can think of, everything I can find online, wrote a letter to Apple, to which I hope they respond meaningfully.


I feel like being on the latest OS and xcode is working against me.

Now downloading the xcode 11.2 beta and the command line tools for that beta, hopefully things will go better once I get them installed

You do have a currently valid paid Individual Developer Program account, correct?

I'm 60 so I get a little latitude in terms of being retrospective so here goes:


I've been developing in Omnis on a Mac (and Windows only because I have to for sales) for 30 years or since 87. I love the Mac and only use it for everything. In fact I run Windows in VMWare's Fusion on my Mac and only touch it when I have to check my software there and make Windows installers. I really can't stand Windows. The very feel of it's mouse drives me nuts. It seems flimsy and brittle.


I have owned many Macs, but now it's a MacBook Pro for everything. I grew up in the San Francisco Bay Area and watched Apple start and blossom in my lifetime. I've worked at 3 Mac stores in my life. So I helped quite a few people get into their first Mac.


I love Omnis, it's a great development tool. I don't use xcode, that level of coding, lower than I'm used to, is hard for me to like, but I respect it as it is harder than what I do (Omnis is higher level).


I think Apple tends to make the right decisions. The one decision I didn't like was that they discontinued iWeb. I still use it on Mojave despite the warnings that it won't run on Catalina, which was released today.


I don't mind having to tell our users to Right Click and Open with...Installer, in order to install our application. I'm sure the bugs in Notarization will be worked out soon enough. I surely did struggle with Terminal and the code signing and notarization commands, and bugs, greatly, for the last week.


I'm a bit concerned about what I think from reading forums is the Huge Amount of installers from tons of companies that will be blocked as I don't think everybody is ready with working notarized installers. I think even large companies will have to have their tech support working overtime just to tell people to right click. This is one transition that hasn't been handled successfully on time, but hey, that's ok. We'll make it through.


I think we should take a moment and realize that the world isn't ready for Catalina and also that a lot of developers have given up their business due to the 64 bit requirement of Catalina. One of my competitors called it a day I know. One of the largest, most successful music software companies, Izotope, their website and letters recommend staying on Mojave, because they are ready. I had to pay a C coder to upgrade my externals to 64 bit and Unicode in order to be ready for this day. Apple, unlike Microsoft who really stays with backwards compatibility, has pushed us forward, in an aggressive way, off of 32 bit applications.


For me this transition has not been prohibitive because Omnis sees to it that they are 64 bit now, and they released a doc that made notarizing clear and easy... when you use a Tool from a for profit company they tend to do what they can to keep the tool useable and alive for the developer community.


Computers and digital gadgets like iPhones rule our day and age in a big way. I'm glad Apple exists to make them more friendly and nicely working. Windows users spend much more time maintaining and messing with the nuts and bolts of their device than Mac users have to. The Mac is like a sheet of clean white paper with beautiful type on it, and Windows is like an industrial sheet of paper with mono spaced bit mapped type on it. Windows computers can be bought for a few hundred bucks. That's one advantage. They are way cheaper. I still bought a Macbook Pro recently. The difference is phenomenal.


Onwards.

Bug report # is FB7356606

I'm also getting this on a .pkg that I'm trying to notarize. You can use the --verbose flag on the altool to inspect errors.


I still haven't solved the "Unable to validate your application. We are unable to create an authentication session." error, but when I use the --verbose flag on the altool command, I do get an error message in json like so:

"Please sign in with an app-specific password. You can create one at appleid.apple.com. (-22910)"


I thought I was able to use my Apple ID that I used to sign up for a paid account developer.apple.com but apparently not?

So that was the issue for me. You have to create an app-specific password at http://appleid.apple.com/account/manage. Look under the "Security" area, then click "Generate Password..." and that will give you the passwork you can use for the notarization. Now I'm up against another error related to bundle identifier, but at least I got past the error about it not being able to create an authentication session.

RESOLVED


I now have an installer up on my website which is both Mojave and Catalina compatible, which does not get the Malware Block. I achieved this with xcode 10, because 11 and 11.2 wouldn't notarize for me. I downloaded 10 and it worked right away. I ran into problems using Packages the program, to make my pkg, it did something to my app, it corrupted my app, so I switched to DropDMG as my dmg maker and made my installer that way. So I notarized my app with a zip file, then stapled my original app, put it in a dmg with an applications folder alias for them to drag it onto, that method, which DropDMG makes easy, and then signed, notarized, and stapled that final dmg, and that was the ticket to no malware blocks. The system ultimately worked for me. I now get how it works, and how to do it. I'm done for now. Now it's time to work on a bug fix update and then go through this all over again, which is fine. Thanks.

Thanks so much! This was driving me nuts! :-)

Hey, thanks for sharing this! I was wondering if you got past the error related to the bundle identifier too? We're having both of these issues too, so they must be related.