codesign --verify is OK, but spctl --assess gives "a sealed resource is missing or invalid"

Hi,

I am codesigning my macOS app from terminal (after adding some resources I don't want to copy using Xcode build phases). When I verify the signature using "codesign --verify", this is OK, but when I run "spctl --assess", I get "a sealed resource is missing or invalid".

How can I know which resource is missing or invalid? What does spctl checks that codesign don't?

Thanks

Up vote post of tartiflette74 Down vote post of tartiflette74
7.3k views
Posted by
tartiflette74
Reply
Add a Comment

Accepted Reply

I found the issue: one of the agent processes bundled inside my .app was incorrectly signed; using codesign --verify --deep --verbose allowed me to find this.

Posted by
tartiflette74
Up vote reply of tartiflette74 Down vote reply of tartiflette74
Post marked as solved
Add a Comment

Replies

I found the issue: one of the agent processes bundled inside my .app was incorrectly signed; using codesign --verify --deep --verbose allowed me to find this.

Posted by
tartiflette74
Up vote reply of tartiflette74 Down vote reply of tartiflette74
Post marked as solved
Add a Comment