I'm distributing my macOS App, which is based on nw.js, and I manually sign it with the codesign command, with a valid macOS certificate (the App is created and signed in Mojave with the latest Xcode tools).
codesign -s "my identity" --deep "my app.app"
Please note that the --deep switch is required because I'm also modifying a .framework package inside my App bundle.
Signature is successful and I can also verify it with codesign:
codesign -d --verbose=4 "my app.app"
spctl --assess --verbose=4 --type execute "my app.app"
Then I distribute it through the web (Google Drive) and it works fine on any Mac prior to Catalina without any warning. When I try to open the App on another computer running Catalina, I get this message:
"xxxx" can't be opened because Apple cannot check it for malicious software
similar to this:

I see that you can still open it from the "Security and Privacy" panel, but this is not what I want my users to do. How can I get rid of this message? Is there a different way to sign it? Or do I need to sign it from Catalina?
You also need to notarize your application. This is a requirement for Developer ID signed applications on macOS 10.15 and greater.
The process requires you to upload your signed .app to Apple, and is integrated into Xcode, but you can also perform the steps manually using the command line tools altool and stapler.
A good place to start is with the WWDC Session
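The manual flow described in this answer (sign, upload to Apple, staple), as an added example that is not part of the original answer. It uses `xcrun notarytool`, which replaced the `altool` upload step in Xcode 13 and later; the identity string, the keychain profile name and the sample output are placeholders constructed for illustration.

```shell
#!/bin/bash
# Added example, not from the original post.
# Assumptions: IDENTITY is your Developer ID identity, and PROFILE is a keychain
# profile created beforehand with `xcrun notarytool store-credentials`.
APP="my app.app"
ZIP="my app.zip"
IDENTITY="Developer ID Application: Example Corp (TEAMID)"  # placeholder
PROFILE="notary-profile"                                    # placeholder

# Constructed, abbreviated sample in the shape of notarytool's text output.
SAMPLE_OUTPUT='Successfully uploaded file
  id: 00000000-0000-0000-0000-000000000000
Current status: In Progress....
Processing complete
  id: 00000000-0000-0000-0000-000000000000
  status: Accepted'

# Pull the final "status:" / "id:" fields out of notarytool's text output.
final_status()  { sed -n 's/^ *status: *//p' | tail -n 1; }
submission_id() { sed -n 's/^ *id: *//p' | tail -n 1; }

notarize() {
  # Notarization rejects builds without the hardened runtime and a secure timestamp.
  codesign --force --deep --options runtime --timestamp -s "$IDENTITY" "$APP" || return 1
  # The notary service takes an archive, not a bare .app directory.
  ditto -c -k --keepParent "$APP" "$ZIP" || return 1
  out=$(xcrun notarytool submit "$ZIP" --keychain-profile "$PROFILE" --wait 2>&1)
  status=$(printf '%s\n' "$out" | final_status)
  if [ "$status" != "Accepted" ]; then
    echo "notarization status: ${status:-unknown}" >&2
    id=$(printf '%s\n' "$out" | submission_id)
    # The log lists each file the service objected to.
    [ -n "$id" ] && xcrun notarytool log "$id" --keychain-profile "$PROFILE"
    return 1
  fi
  # Attach the ticket to the bundle so Gatekeeper can verify it offline.
  xcrun stapler staple "$APP" || return 1
  spctl --assess --verbose=4 --type execute "$APP"
}

# Run the pipeline only when asked, so the helpers can be sourced on their own.
if [ "${1:-}" = "run" ]; then notarize; fi
```

The archive uploaded for notarization does not contain the stapled ticket, so re-create the zip (or disk image) from the stapled bundle before distributing it.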