Forum
    • Categories
    • Register
    • Login

    Apple team ID, code sign but ask for security to open the plugin

    Scheduled Pinned Locked Moved General Questions
    36 Posts 7 Posters 9.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      Yannrog @Oli Ullmann
      last edited by

      @Oli-Ullmann By runnnig the signing process again, you mean with the new notary tool?

      Oli UllmannO 1 Reply Last reply Reply Quote 0
      • Oli UllmannO
        Oli Ullmann @Yannrog
        last edited by

        @Yannrog
        I'm not familiar with the new notary tool. I use the commands I showed you above:

        // AU Component (Sign)
        codesign -s "Developer ID Application: YOUR NAME (YOUR CODE)" "/Users/YOUR_USERNAME/Desktop/YOUR_PLUGIN.component" --timestamp
        
        // VST3 (Sign)
        codesign -s "Developer ID Application: YOUR NAME (YOUR CODE)" "/Users/YOUR_USERNAME/Desktop/YOUR_PLUGIN.vst3" --timestamp
        
        // Installer (Sign)
        codesign --deep --force --options runtime --sign "Developer ID Application: YOUR NAME (YOUR CODE)" "/Users/YOUR_USERNAME/Desktop/YOUR_INSTALLER.pkg"
        
        // Installer (Notarization)
        xcrun notarytool submit --apple-id "YOUR_MAIL_ADRESS" --password "YOUR_PASSWORD"  --team-id "YOUR_CODE" --wait "/Users/YOUR_USERNAME/Desktop/YOUR_INSTALLER.pkg"
        
        // Installer (Staple)
        xcrun stapler staple "/Users/YOUR_USERNAME/Desktop/YOUR_INSTALLER.pkg"
        
        

        First, as mentioned, you'll need to remove the signature using this:

        codesign --remove-signature "/Users/YOU_USERNAME/Desktop/YOUR_PLUG-IN.vst3"
        codesign --remove-signature "/Users/YOU_USERNAME/Desktop/YOUR_PLUG-IN.component"
        
        
        Y ustkU 4 Replies Last reply Reply Quote 0
        • Y
          Yannrog @Oli Ullmann
          last edited by

          @Oli-Ullmann Ok , I didn't know about code signing directly from the CLI Thank you so much.
          Sorry, this is already the new notary tool. This is the new command apple recommend with “xcrun notarytool submitt“.

          1 Reply Last reply Reply Quote 0
          • Y
            Yannrog @Oli Ullmann
            last edited by

            @Oli-Ullmann It seems to work. I have status accepted. God bless you.

            1 Reply Last reply Reply Quote 2
            • Y
              Yannrog @Oli Ullmann
              last edited by

              @Oli-Ullmann @David-Healey

              What is the command to verify if it is code signed ? thank you

              David HealeyD 1 Reply Last reply Reply Quote 0
              • David HealeyD
                David Healey @Yannrog
                last edited by

                @Yannrog Can't remember, but there's some useful apps here that will give you the info https://forum.hise.audio/topic/14860/couple-of-handy-free-mac-apps-for-checking-code-signs-and-notarisation

                Free HISE Bootcamp Full Course for beginners.
                YouTube Channel - HISE tutorials
                My Patreon - More HISE tutorials

                Y 1 Reply Last reply Reply Quote 0
                • ustkU
                  ustk @Oli Ullmann
                  last edited by

                  @Oli-Ullmann I shouldn't need to remove the old signature prior to signing again.
                  The new codesign process warns you about the existing signature and automatically replaces it.

                  Hise made me an F5 dude, any other app just suffers...

                  Oli UllmannO 1 Reply Last reply Reply Quote 1
                  • Y
                    Yannrog @David Healey
                    last edited by

                    @David-Healey works well 👍

                    1 Reply Last reply Reply Quote 0
                    • Oli UllmannO
                      Oli Ullmann @ustk
                      last edited by

                      @ustk
                      What do you mean by “new codesign process”? The new notary tool?

                      ustkU 2 Replies Last reply Reply Quote 0
                      • ustkU
                        ustk @Oli Ullmann
                        last edited by

                        @Oli-Ullmann no I just mean when you codesign again, the previous signature should be replaced. That's what I do with no issues.

                        Hise made me an F5 dude, any other app just suffers...

                        1 Reply Last reply Reply Quote 0
                        • ustkU
                          ustk @Oli Ullmann
                          last edited by ustk

                          @Oli-Ullmann

                          VST and AU:

                          Running: codesign --deep --force --timestamp --options runtime --sign "Developer ID Application: XXXXXXXXXXX" "/Library/Audio/Plug-Ins/Components/MyPlugin.component" --verbose
                          
                          /Library/Audio/Plug-Ins/Components/MyPlugin.component: replacing existing signature
                          /Library/Audio/Plug-Ins/Components/MyPlugin.component: signed bundle with Mach-O universal (x86_64 arm64) [com.studio427audio.myplugin]
                          

                          And AAX:

                          Warning! This binary has an invalid existing platform digital signature.
                            This situation could happen if you wrapped a binary that was already signed.
                            Regardless, a new signature will be created now, using your specified credentials.
                          

                          Hise made me an F5 dude, any other app just suffers...

                          Oli UllmannO 1 Reply Last reply Reply Quote 1
                          • Oli UllmannO
                            Oli Ullmann @ustk
                            last edited by

                            @ustk
                            I see. Your command looks a little different from mine. I'll try it next time. Maybe it'll work for me then, too. Thanks a lot! :-)

                            dannytaurusD 1 Reply Last reply Reply Quote 0
                            • dannytaurusD
                              dannytaurus @Oli Ullmann
                              last edited by

                              @Oli-Ullmann The --force flag overwrites any existing signature.

                              Meat Beats: https://meatbeats.com
                              Klippr Video: https://klippr.video

                              Oli UllmannO 1 Reply Last reply Reply Quote 2
                              • Oli UllmannO
                                Oli Ullmann @dannytaurus
                                last edited by

                                @dannytaurus
                                Thanks for the info! :-)

                                ustkU 1 Reply Last reply Reply Quote 0
                                • ustkU
                                  ustk @Oli Ullmann
                                  last edited by

                                  @Oli-Ullmann May the --force be with you light-saber.png

                                  Hise made me an F5 dude, any other app just suffers...

                                  Oli UllmannO 1 Reply Last reply Reply Quote 3
                                  • Oli UllmannO
                                    Oli Ullmann @ustk
                                    last edited by

                                    @ustk
                                    ha ha ha 😂

                                    1 Reply Last reply Reply Quote 0
                                    • ustkU
                                      ustk
                                      last edited by

                                      ChatGPT Image Jun 25, 2026, 01_07_11 PM.png

                                      Hise made me an F5 dude, any other app just suffers...

                                      Y 1 Reply Last reply Reply Quote 2
                                      • Y
                                        Yannrog @ustk
                                        last edited by

                                        @ustk @AchimR @dannytaurus @David-Healey @Oli-Ullmann @Lindon

                                        Hi, everything works perfectly. However, I have an app that wont notarize. It is code signed, I have removed it and re signed it.

                                        I did it for other apps, they have been notarize well.

                                        The app version of the project should have its own bundle identifier? I have the same for the AU, VST, VST3 versions. The app version should have a different bundle ID or it's good if it's the same?

                                        David HealeyD 1 Reply Last reply Reply Quote 0
                                        • David HealeyD
                                          David Healey @Yannrog
                                          last edited by

                                          @Yannrog Every package needs a unique ID

                                          Free HISE Bootcamp Full Course for beginners.
                                          YouTube Channel - HISE tutorials
                                          My Patreon - More HISE tutorials

                                          Y 1 Reply Last reply Reply Quote 0
                                          • Y
                                            Yannrog @David Healey
                                            last edited by

                                            @David-Healey ok thank you

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post

                                            16

                                            Online

                                            2.4k

                                            Users

                                            13.9k

                                            Topics

                                            120.6k

                                            Posts