how can i notarizing dmg file

i tested myapp.app file with the "spctl -a -v myapp.app" option.


and this is result

myapp.app :accepted

source=Notarized Developer ID


But when i distribute it as a dmg file myapp.app to myapp.dmg, myapp.app is damaged and it doesn`t work.


i tested myapp.dmg file with the "spctl -a -vvv myapp.dmg" option


myapp.dmg: rejected

source=Unnotarized Developer ID

origin=Developer ID Application: mycompany (myteam ID)


what should i fix before distribute my app?

Up vote post of chocosable Down vote post of chocosable
4.9k views
Posted by
chocosable
Reply
Add a Comment

Accepted Reply

I did codesign on myapp.dmg file. this is the result after doing it.

I’m not sure if this is your only problem, but you’re doing the assessment on your disk image incorrectly. Try this:

$ spctl -a -t open --context context:primary-signature -v /path/to/disk.dmg

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Post marked as solved
Add a Comment

Replies

We generally recommend that you notarise and sign the outermost container that you distribute. So, if you have an app within a disk image, you should sign the app, put it in the disk image, sign the disk image, and notarise that.

Three things:

  • You can sign a disk image using 

    codesign
    .

  • Use your Developer ID Application digital identity.

  • Once you have a signed disk image, you can submit it for notarisation using 

    altool
    . See Customizing the Notarization Workflow for info on how to use that tool.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Post not yet marked as solved Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

I did codesign on myapp.dmg file.

this is the result after doing it.


myapp.dmg: rejected (the code is valid but does not seem to be an app)

origin=Developer ID Application: mycompany (myteam ID)


Is rejected the right result? or is there anything else I need to check before Distribute?



--------------------------------------------------


i`m doing


codesign --force --sign "Developer ID Application mycompany (teamID)" myapp.dmg


and


xcrun altool --notarize-app -f myapp.dmg --primary-bundle-id com.mybundle.id -u myappleDeveloperId -p myapplePassword


after i get notarization success mail


xcrun stapler staple myapp.dmg




------------------------------------------------


here is another information


I tested myapp.app on another macbook


spctl -a -v myapp.app in ~/Application folder


myapp.app: a sealed resource is missing or invalid


what is the problem?

Posted by
chocosable
Up vote reply of chocosable Down vote reply of chocosable
Add a Comment

I did codesign on myapp.dmg file. this is the result after doing it.

I’m not sure if this is your only problem, but you’re doing the assessment on your disk image incorrectly. Try this:

$ spctl -a -t open --context context:primary-signature -v /path/to/disk.dmg

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Post marked as solved
Add a Comment

result

myapp.dmg: accepted

source = Notarized Developer ID



Thank you very much for your help.

It doesn't seem to be a signing problem with the dmg file.

But still having the same problem.

Perhaps I will review the build process as a dmg file.


Thang you

Posted by
chocosable
Up vote reply of chocosable Down vote reply of chocosable
Add a Comment