1 Reply
      Latest reply on Oct 16, 2019 5:31 PM by tam.le
      tam.le Level 1 Level 1 (0 points)

        I have an app that is being blocked with "...can't be opened because Apple cannot check it for malicious software" on Catalina.

        This dialog:
        https://support.apple.com/library/content/dam/edam/applecare/images/en_US/macos/Catalina/macos-catalina-alert-unsigned.jpg

        As far as I can tell, my app should not be getting blocked with this dialog. I have check my app like this:

        % xcrun stapler validate ...app
        Processing: ...
        The validate action worked!
        % spctl -a -vv ...app: accepted
        source=Notarized Developer ID
        origin=Developer ID Application: ...
        % codesign -vvv ...app
        --prepared:...app/Contents/Entitlements.plist
        --validated:...app/Contents/Entitlements.plist
        --prepared:...app/Contents/MacOS/launcher
        --validated:...app/Contents/MacOS/launcher
        ...app: valid on disk
        ...app: satisfies its Designated Requirement
        % codesign -d --strict -vvv  ...app
        Executable=...
        Identifier=...
        Format=app bundle with Mach-O thin (x86_64)
        CodeDirectory v=20500 size=414 flags=0x10000(runtime) hashes=4+5 location=embedded
        Hash type=sha256 size=32
        CandidateCDHash sha1=261b5f7c3afcfdab1dd0ab99657a49bd34342f7b
        CandidateCDHashFull sha1=261b5f7c3afcfdab1dd0ab99657a49bd34342f7b
        CandidateCDHash sha256=443f7e562041dd0fdb144f2530b5dd854b64415c
        CandidateCDHashFull sha256=443f7e562041dd0fdb144f2530b5dd854b64415cca203899e082e166c82d8b37
        Hash choices=sha1,sha256
        CMSDigest=01fb528e10bebc4effa7a034e90528c63c1354295c7df386d4da319327c827c1
        CMSDigestType=2
        CDHash=443f7e562041dd0fdb144f2530b5dd854b64415c
        Signature size=9041
        Authority=Developer ID Application: ...
        Authority=Developer ID Certification Authority
        Authority=Apple Root CA
        Timestamp=Oct 15, 2019 at 9:42:17 AM
        Info.plist entries=15
        TeamIdentifier=...
        Runtime Version=10.9.0
        Sealed Resources version=2 rules=13 files=489
        Internal requirements count=2 size=180

        These commands were run on a Catalina machine that didn't do the signing and notarizing.

         

        During notarization, I do have various warnings, but the notarization result includes so I assume my app is ready to run on Catalina (for now).

        "status": "Accepted",
        "statusSummary": "Ready for distribution",

         

        What else can I do to diagnose?

         

        Thank you.