1 Reply
      Latest reply on Dec 5, 2019 12:28 AM by eskimo
      Kazuma Takezawa Level 1 Level 1 (0 points)

        Could you answer the following questions?

         

        1. Is an external network connection required to download Apple notarized pkg files via a browser?

        Pkg file with Apple notarization via a browser such as Safari (when Gatekeepr is checked)

        Is it necessary to connect to an external network when downloading?

        (Is it a system to check via the network when notarization confirmation?)

        In a local network environment, I created HTML with a link to a pkg file with Apple notarization, and downloaded the pkg file via a browser.

        “Cannot open because the developer is unconfirmed” dialog is displayed and installation is not possible.

        Is this reason due to the local network environment?

         

        2. About conditions for passing Gatekeepr for Apple notarized pkg files

        Is Apple notarization valid even if I zip multiple Apple notarized pkg files and download the zip file?

        Is it possible to pass through the Gatekeeper?

        If I zip it, will it be a different thing and will not be able to execute the pkg file?

        Please let me know if there is a condition that Gatekeeper cannot execute even if you have obtained Apple Notary.

         

        3. About the Gatekeeper system

        If you execute a pkg file by a method that is not via Safari even once (copy from USB or copy from a shared server),

        then if the same pkg file is downloaded via Safari,

        regardless of whether it is Apple notarized or not It can be executed without error.

        Is this phenomenon a Gatekeeper specification?

        I would like to know how Gatekeeper works when downloading an Apple notarized pkg file.

         

        4. Error when writing iso to CD / DVD in macOS 10.15 environment

        I saved it in the pkg file folder that got the Apple notary and created it as iso.

        When trying to write the created iso to a CD / DVD, the message "Could not create xx.iso disc. Invalid disc image" is displayed and writing is not possible.

        Is this a bug or specification of the macOS 10.15 environment?

        Also, could you tell me if there is a workaround or a correction plan?

        • Re: About notarizing macOS Software
          eskimo Apple Staff Apple Staff (12,425 points)

          1. Is an external network connection required to download Apple notarized pkg files via a browser?

          That depends.  If someone (it doesn’t even have to be the author) has stapled the ticket to the installer package, it will be present when Gatekeeper checks the package and thus an Internet connection is not necessary.  If the ticket hasn’t been stapled to the installer package, Gatekeeper needs to be able to contact Apple servers to get that ticket.

          2. About conditions for passing Gatekeepr for Apple notarized pkg files

          Zip archives are a Gatekeeper pass through.  If you unpack a quarantined zip archive, all the resulting items are quarantined.  If those are installer packages, then they will be checked by Gatekeeper when you open them.

          3. About the Gatekeeper system

          I haven’t tested the scenario you’ve described but I suspect that Gatekeeper will still check the quarantined package.

          4. Error when writing iso to CD / DVD in macOS 10.15 environment

          I’m sorry, but I don’t understand this question.  Can you explain the steps you took in more detail?

          Share and Enjoy

          Quinn “The Eskimo!”
          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
          let myEmail = "eskimo" + "1" + "@apple.com"