Notarisation for dummies
-
@trillbilly Depends on the size of the download
-
@orange So I found this code for zip files
xcrun altool --notarize-app --primary-bundle-id "com.company.vst.plugin" --username "USERNAME" --password "PASSWORD" --asc-provider "SHORT_PROVIDER_NAME" --file plugin.zip
I know the Primary Bundle ID is. As for USERNAME and PASSWORD, is my Apple Developer signin? Is PASSWORD the App Specific Password?
And I am unsure what SHORT_PROVIDER_NAME is referring too.
-
@d-healey What do you recommend keeping download sizes too? Do you recommend keeping hr1 files the default 500mb or do you increase?
-
@trillbilly 2GB max per file.
-
@orange So I have tried the notarization with my AppleID/Developer Username (my email) and with both My password and the generated App Specific Password with no luck.
I also removed the SHORT_PROVIDER_NAME as when I was reading through the thread, there was mention its unnecessary if you're only associated with one entity with Apple.
Here is the code I used and error I received.
xcrun altool --notarize-app --primary-bundle-id "com.website.plugin" --username “my email” --password “my password“ "/Users/mymac/Plugin.zip"
**** Error: Notarization failed for '(null)'.
*** Error: Unable to upload your app for notarization. --file must specify a file. (-1027)
{
NSLocalizedDescription = "Unable to upload your app for notarization.";
NSLocalizedFailureReason = "--file must specify a file.";
}
*** Error: Unable to upload your app for notarization. Failed to get authorization for username and password. (
"Error Domain=NSCocoaErrorDomain Code=0 "Status code: 0" UserInfo={NSLocalizedDescription=Status code: 0, NSLocalizedFailureReason=The auth server returned a bad status code.}"
) (-1011)
{
NSLocalizedDescription = "Unable to upload your app for notarization.";
NSLocalizedFailureReason = "Failed to get authorization for username '\U201c\U201d' and password. (\n "Error Domain=NSCocoaErrorDomain Code=0 \"Status code: 0\" UserInfo={NSLocalizedDescription=Status code: 0, NSLocalizedFailureReason=The auth server returned a bad status code.}"\n)";
}* -
@trillbilly I've used installers only, never used the .zip files for the plugin distribution. Are you sure about the folder path of the .zip file?
Also, I think the code you tried is for individual zip packages. For example, put a vst in a single zip file. then put .component file to another zip file... etc.
Why don't you use Packages Installer instead? It's pretty straightforward, easier, and a much professional way for the user experience.
I strongly suggest using Whitebox Packages for this purpose, after downloading and installing it (it's free), take a look at this PACKAGES TEMPLATE PROJECT that 've made earlier. It's an installer project with all of the plugin formats.
-
@orange Id like to eventually have installers but am terrified to even begin. Whitebox looks like it only does Mac Installers, yes? What about Windows?
-
What about Windows?
InnoSetup.
I made an app that does all this for you (including codesigning and notarizing), it's available on my Patreon page. I haven't tested it with recent versions of HISE but I think it should still work. It has a few bugs which I haven't found the time to fix yet, but will get to it eventually :)
-
@d-healey I believe I am already a member of your Patreon. I will have to look for this tool. It is for Mac & Windows?
-
-
-
@orange You've talked me into it. Im attempting installers. I have successfully created Windows installer and Mac installer.
Notarization is another issue though. I was able to get to point of receiving email from Apple but they did not notarize the app.
Ill be continuing this quest tomorrow!
-
@trillbilly said in Notarisation for dummies:
they did not notarize the app
The email should contain a code that you can check for specific errors.
-
@trillbilly The procedure in macOS is this:
- Export plugin from HISE
- Sign the plugin
- Create a .pkg installer with WhiteBox Packages
- Sign the installer
- Notarize the installer
- Time Stamp the installer
If you follow this procedure properly, there will be no issues. Follow the KvR thread, all of these steps are explained there, it's working.
-
@orange said in Notarisation for dummies:
@trillbilly The procedure in macOS is this:
- Export plugin from HISE
- Sign the plugin
- Create a .pkg installer with WhiteBox Packages
- Sign the installer
- Notarize the installer
- Time Stamp the installer
If you follow this procedure properly, there will be no issues. Follow the KvR thread, all of these steps are explained there, it's working.
- Export plugin from HISE
- Sign the plugin
- Create a .pkg installer with WhiteBox Packages
3.1) attach your developer installer certificate to WBP - Sign the installer
- Notarize the installer
- Staple the installer
-
"3.1) attach your developer installer certificate to WBP"
This is the certificate I placed in my Keychain, yes? How do you attach it to Packages?
Also, in the KVR thread they mention zipping the pkg before notarized, is this not necessary?
-
@trillbilly said in Notarisation for dummies:
"3.1) attach your developer installer certificate to WBP"
This is the certificate I placed in my Keychain, yes? How do you attach it to Packages?
Also, in the KVR thread they mention zipping the pkg before notarized, is this not necessary?
Not on the Mac at the moment but its in the user manual if you look for it:
http://s.sudre.free.fr/Software/documentation/Packages/en_2017/Project_Configuration.html#5
No need to zip the pkg file,
-
@lindon said in Notarisation for dummies:
3.1) attach your developer installer certificate to WBP
This is the same thing with:
- Sign the installer
While signing the installer you need to sign it with your Developer Installer Certificate.
Actually, while creating installers I don't attach my Developer Installer Certificate inside WhiteBox Packages app. After creating the installer, I am directly using the Terminal for attaching the Developer Installer Certificate. It's a choice but both ways are ok.
-
@dustbro yes, I seen this. I was just on my last nerve with apple yesterday. I was at it with installers, codesiging and attempting to notarize for almost 10 hours. I will be back to the studio in a couple hours to get back at it.
Almost there, for now....
-
@orange ok so attaching the certificate within Packages while creating the installer is essentially the same as signing the installer after the pkg has been created? Got it!