Forum
    • Categories
    • Register
    • Login

    Apple team ID, code sign but ask for security to open the plugin

    Scheduled Pinned Locked Moved General Questions
    36 Posts 7 Posters 9.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      Yannrog @David Healey
      last edited by

      @David-Healey Thank you David, ok

      1 Reply Last reply Reply Quote 0
      • Y
        Yannrog @Oli Ullmann
        last edited by

        @Oli-Ullmann By runnnig the signing process again, you mean with the new notary tool?

        Oli UllmannO 1 Reply Last reply Reply Quote 0
        • Oli UllmannO
          Oli Ullmann @Yannrog
          last edited by

          @Yannrog
          I'm not familiar with the new notary tool. I use the commands I showed you above:

          // AU Component (Sign)
          codesign -s "Developer ID Application: YOUR NAME (YOUR CODE)" "/Users/YOUR_USERNAME/Desktop/YOUR_PLUGIN.component" --timestamp
          
          // VST3 (Sign)
          codesign -s "Developer ID Application: YOUR NAME (YOUR CODE)" "/Users/YOUR_USERNAME/Desktop/YOUR_PLUGIN.vst3" --timestamp
          
          // Installer (Sign)
          codesign --deep --force --options runtime --sign "Developer ID Application: YOUR NAME (YOUR CODE)" "/Users/YOUR_USERNAME/Desktop/YOUR_INSTALLER.pkg"
          
          // Installer (Notarization)
          xcrun notarytool submit --apple-id "YOUR_MAIL_ADRESS" --password "YOUR_PASSWORD"  --team-id "YOUR_CODE" --wait "/Users/YOUR_USERNAME/Desktop/YOUR_INSTALLER.pkg"
          
          // Installer (Staple)
          xcrun stapler staple "/Users/YOUR_USERNAME/Desktop/YOUR_INSTALLER.pkg"
          
          

          First, as mentioned, you'll need to remove the signature using this:

          codesign --remove-signature "/Users/YOU_USERNAME/Desktop/YOUR_PLUG-IN.vst3"
          codesign --remove-signature "/Users/YOU_USERNAME/Desktop/YOUR_PLUG-IN.component"
          
          
          Y ustkU 4 Replies Last reply Reply Quote 0
          • Y
            Yannrog @Oli Ullmann
            last edited by

            @Oli-Ullmann Ok , I didn't know about code signing directly from the CLI Thank you so much.
            Sorry, this is already the new notary tool. This is the new command apple recommend with “xcrun notarytool submitt“.

            1 Reply Last reply Reply Quote 0
            • Y
              Yannrog @Oli Ullmann
              last edited by

              @Oli-Ullmann It seems to work. I have status accepted. God bless you.

              1 Reply Last reply Reply Quote 2
              • Y
                Yannrog @Oli Ullmann
                last edited by

                @Oli-Ullmann @David-Healey

                What is the command to verify if it is code signed ? thank you

                David HealeyD 1 Reply Last reply Reply Quote 0
                • David HealeyD
                  David Healey @Yannrog
                  last edited by

                  @Yannrog Can't remember, but there's some useful apps here that will give you the info https://forum.hise.audio/topic/14860/couple-of-handy-free-mac-apps-for-checking-code-signs-and-notarisation

                  Free HISE Bootcamp Full Course for beginners.
                  YouTube Channel - HISE tutorials
                  My Patreon - More HISE tutorials

                  Y 1 Reply Last reply Reply Quote 0
                  • ustkU
                    ustk @Oli Ullmann
                    last edited by

                    @Oli-Ullmann I shouldn't need to remove the old signature prior to signing again.
                    The new codesign process warns you about the existing signature and automatically replaces it.

                    Hise made me an F5 dude, any other app just suffers...

                    Oli UllmannO 1 Reply Last reply Reply Quote 1
                    • Y
                      Yannrog @David Healey
                      last edited by

                      @David-Healey works well 👍

                      1 Reply Last reply Reply Quote 0
                      • Oli UllmannO
                        Oli Ullmann @ustk
                        last edited by

                        @ustk
                        What do you mean by “new codesign process”? The new notary tool?

                        ustkU 2 Replies Last reply Reply Quote 0
                        • ustkU
                          ustk @Oli Ullmann
                          last edited by

                          @Oli-Ullmann no I just mean when you codesign again, the previous signature should be replaced. That's what I do with no issues.

                          Hise made me an F5 dude, any other app just suffers...

                          1 Reply Last reply Reply Quote 0
                          • ustkU
                            ustk @Oli Ullmann
                            last edited by ustk

                            @Oli-Ullmann

                            VST and AU:

                            Running: codesign --deep --force --timestamp --options runtime --sign "Developer ID Application: XXXXXXXXXXX" "/Library/Audio/Plug-Ins/Components/MyPlugin.component" --verbose
                            
                            /Library/Audio/Plug-Ins/Components/MyPlugin.component: replacing existing signature
                            /Library/Audio/Plug-Ins/Components/MyPlugin.component: signed bundle with Mach-O universal (x86_64 arm64) [com.studio427audio.myplugin]
                            

                            And AAX:

                            Warning! This binary has an invalid existing platform digital signature.
                              This situation could happen if you wrapped a binary that was already signed.
                              Regardless, a new signature will be created now, using your specified credentials.
                            

                            Hise made me an F5 dude, any other app just suffers...

                            Oli UllmannO 1 Reply Last reply Reply Quote 1
                            • Oli UllmannO
                              Oli Ullmann @ustk
                              last edited by

                              @ustk
                              I see. Your command looks a little different from mine. I'll try it next time. Maybe it'll work for me then, too. Thanks a lot! :-)

                              dannytaurusD 1 Reply Last reply Reply Quote 0
                              • dannytaurusD
                                dannytaurus @Oli Ullmann
                                last edited by

                                @Oli-Ullmann The --force flag overwrites any existing signature.

                                Meat Beats: https://meatbeats.com
                                Klippr Video: https://klippr.video

                                Oli UllmannO 1 Reply Last reply Reply Quote 2
                                • Oli UllmannO
                                  Oli Ullmann @dannytaurus
                                  last edited by

                                  @dannytaurus
                                  Thanks for the info! :-)

                                  ustkU 1 Reply Last reply Reply Quote 0
                                  • ustkU
                                    ustk @Oli Ullmann
                                    last edited by

                                    @Oli-Ullmann May the --force be with you light-saber.png

                                    Hise made me an F5 dude, any other app just suffers...

                                    Oli UllmannO 1 Reply Last reply Reply Quote 3
                                    • Oli UllmannO
                                      Oli Ullmann @ustk
                                      last edited by

                                      @ustk
                                      ha ha ha 😂

                                      1 Reply Last reply Reply Quote 0
                                      • ustkU
                                        ustk
                                        last edited by

                                        ChatGPT Image Jun 25, 2026, 01_07_11 PM.png

                                        Hise made me an F5 dude, any other app just suffers...

                                        Y 1 Reply Last reply Reply Quote 2
                                        • Y
                                          Yannrog @ustk
                                          last edited by

                                          @ustk @AchimR @dannytaurus @David-Healey @Oli-Ullmann @Lindon

                                          Hi, everything works perfectly. However, I have an app that wont notarize. It is code signed, I have removed it and re signed it.

                                          I did it for other apps, they have been notarize well.

                                          The app version of the project should have its own bundle identifier? I have the same for the AU, VST, VST3 versions. The app version should have a different bundle ID or it's good if it's the same?

                                          David HealeyD 1 Reply Last reply Reply Quote 0
                                          • David HealeyD
                                            David Healey @Yannrog
                                            last edited by

                                            @Yannrog Every package needs a unique ID

                                            Free HISE Bootcamp Full Course for beginners.
                                            YouTube Channel - HISE tutorials
                                            My Patreon - More HISE tutorials

                                            Y 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post

                                            16

                                            Online

                                            2.4k

                                            Users

                                            13.9k

                                            Topics

                                            120.6k

                                            Posts