HISE Logo Forum
    • Categories
    • Register
    • Login

    Notarisation for dummies

    Scheduled Pinned Locked Moved General Questions
    160 Posts 20 Posters 17.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yall
      last edited by

      @Lindon finally my mistake was the following.
      I used the basic signature whereas it is necessary to take the force deep code signature....
      so my pkg are notarized successfully and then stapled.
      I then put several pkg in a zip and signed then notarized the zip.
      success too.
      little question, as stapling the zip is not possible, only notarization is enough?

      DanHD 1 Reply Last reply Reply Quote 0
      • DanHD
        DanH @yall
        last edited by

        @yall I don’t notarise my zip files at all

        DHPlugins / DC Breaks | Artist / Producer / DJ / Developer
        https://dhplugins.com/ | https://dcbreaks.com/
        London, UK

        LindonL 1 Reply Last reply Reply Quote 0
        • LindonL
          Lindon @DanH
          last edited by

          @danh said in Notarisation for dummies:

          @yall I don’t notarise my zip files at all

          like @DanH - I dont notarize my zips - I zip everything up after I have successfully done the code signing and notarizing...

          HISE Development for hire.
          www.channelrobot.com

          DanHD 1 Reply Last reply Reply Quote 1
          • DanHD
            DanH @Lindon
            last edited by

            Should I be able to codesign and notarize an app - as in a file with a .app extension?

            Terminal says no. I want to supply a standalone app without an installer. It's only use is for downloading sample content.

            Any info welcome.

            PS - I'm happily codesigning and notarizing .pkgs...

            DHPlugins / DC Breaks | Artist / Producer / DJ / Developer
            https://dhplugins.com/ | https://dcbreaks.com/
            London, UK

            d.healeyD 1 Reply Last reply Reply Quote 0
            • d.healeyD
              d.healey @DanH
              last edited by

              @danh You code sign pkgs?

              Libre Wave - Freedom respecting instruments and effects
              My Patreon - HISE tutorials
              YouTube Channel - Public HISE tutorials

              LindonL DanHD 2 Replies Last reply Reply Quote 0
              • LindonL
                Lindon @d.healey
                last edited by

                @d-healey said in Notarisation for dummies:

                @danh You code sign pkgs?

                yeah - you should.

                HISE Development for hire.
                www.channelrobot.com

                d.healeyD 1 Reply Last reply Reply Quote 0
                • DanHD
                  DanH @d.healey
                  last edited by

                  @d-healey I do, yes, but does anyone know about .app's? Just pinging an app to users can result in the 'OSX cannot check it for malicious content' message.

                  DHPlugins / DC Breaks | Artist / Producer / DJ / Developer
                  https://dhplugins.com/ | https://dcbreaks.com/
                  London, UK

                  LindonL 1 Reply Last reply Reply Quote 0
                  • d.healeyD
                    d.healey @Lindon
                    last edited by

                    @lindon Oh it's been so long since I did it I'm misremembering the process

                    Libre Wave - Freedom respecting instruments and effects
                    My Patreon - HISE tutorials
                    YouTube Channel - Public HISE tutorials

                    1 Reply Last reply Reply Quote 0
                    • LindonL
                      Lindon @DanH
                      last edited by

                      @danh - what are apple telling you when you try to notarize the .app ???

                      HISE Development for hire.
                      www.channelrobot.com

                      DanHD 1 Reply Last reply Reply Quote 0
                      • DanHD
                        DanH @Lindon
                        last edited by DanH

                        @lindon that it's not codesigned... Can't get the first part to work basically 😆

                        Please let me know if any of the below has any clues for you

                        {
                          "logFormatVersion": 1,
                          "jobId": "e7ddde08-d7e4-4a35-af9d-ca55954eee03",
                          "status": "Invalid",
                          "statusSummary": "Archive contains critical validation errors",
                          "statusCode": 4000,
                          "archiveFilename": "TEST-SAMPLES-DOWNLOADER_signed.pkg",
                          "uploadDate": "2022-02-01T13:10:53Z",
                          "sha256": "4282dcf278ae44b528e64083b6f4aeb22a59da516e60f725013b240a33f3af72",
                          "ticketContents": null,
                          "issues": [
                            {
                              "severity": "error",
                              "code": null,
                              "path": "TEST-SAMPLES-DOWNLOADER_signed.pkg/TEST-SAMPLES-DOWNLOADER_Standalone.pkg Contents/Payload/Applications/DANH/TEST-SAMPLES-DOWNLOADER.app/Contents/MacOS/TEST-SAMPLES-DOWNLOADER",
                              "message": "The binary is not signed.",
                              "docUrl": null,
                              "architecture": "x86_64"
                            },
                            {
                              "severity": "error",
                              "code": null,
                              "path": "TEST-SAMPLES-DOWNLOADER_signed.pkg/TEST-SAMPLES-DOWNLOADER_Standalone.pkg Contents/Payload/Applications/DANH/TEST-SAMPLES-DOWNLOADER.app/Contents/MacOS/TEST-SAMPLES-DOWNLOADER",
                              "message": "The signature does not include a secure timestamp.",
                              "docUrl": null,
                              "architecture": "x86_64"
                            },
                            {
                              "severity": "error",
                              "code": null,
                              "path": "TEST-SAMPLES-DOWNLOADER_signed.pkg/TEST-SAMPLES-DOWNLOADER_Standalone.pkg Contents/Payload/Applications/DANH/TEST-SAMPLES-DOWNLOADER.app/Contents/MacOS/TEST-SAMPLES-DOWNLOADER",
                              "message": "The executable does not have the hardened runtime enabled.",
                              "docUrl": null,
                              "architecture": "x86_64"
                            }
                          ]
                        }
                        
                        

                        I should also add that I tried using @d-healey 's export app which should codesign and notarize the .pkg that it builds but I got this notarization error

                        DHPlugins / DC Breaks | Artist / Producer / DJ / Developer
                        https://dhplugins.com/ | https://dcbreaks.com/
                        London, UK

                        LindonL 1 Reply Last reply Reply Quote 0
                        • LindonL
                          Lindon @DanH
                          last edited by

                          @danh well I think all the info. you need is right there,

                          The pkg isnt signed
                          theres no timestamp on it

                          • its not hardende runtime...

                          HISE Development for hire.
                          www.channelrobot.com

                          DanHD 1 Reply Last reply Reply Quote 0
                          • DanHD
                            DanH @Lindon
                            last edited by DanH

                            @lindon Thanks, yep, I must have been thinking it was the standalone that wasn't signed rather than the package.

                            I guess in any case I'm looking to sign and notarize the app directly, in app form, so not in a .pkg.

                            DHPlugins / DC Breaks | Artist / Producer / DJ / Developer
                            https://dhplugins.com/ | https://dcbreaks.com/
                            London, UK

                            Y 1 Reply Last reply Reply Quote 0
                            • Y
                              yall @DanH
                              last edited by

                              @Lindon little question to understand something. I successfully notarized my pkgs. I then created a zip archive with inside, the windows installer and the pkg. I don't need to notarize the zip? Or just sign it?

                              d.healeyD 1 Reply Last reply Reply Quote 0
                              • d.healeyD
                                d.healey @yall
                                last edited by

                                @yall said in Notarisation for dummies:

                                then created a zip archive with inside, the windows installer and the pkg

                                Why? Just give the user individual links. Most users only use one OS and you are wasting their bandwidth and yours by making them download things they probably don't need.

                                Libre Wave - Freedom respecting instruments and effects
                                My Patreon - HISE tutorials
                                YouTube Channel - Public HISE tutorials

                                Y 1 Reply Last reply Reply Quote 0
                                • Y
                                  yall @d.healey
                                  last edited by

                                  @d-healey it allows me to avoid looking for links, if a client later wants a windows version for example, I should send them back. while the I zip it has everything, and wetransfert. faster for me.

                                  LindonL 1 Reply Last reply Reply Quote 0
                                  • LindonL
                                    Lindon @yall
                                    last edited by

                                    @yall said in Notarisation for dummies:

                                    @d-healey it allows me to avoid looking for links, if a client later wants a windows version for example, I should send them back. while the I zip it has everything, and wetransfert. faster for me.

                                    --what Dave said-- Not sure what happens to a zip with a windows binary in it when its opened on a Mac - seems a waste of end user band width...

                                    HISE Development for hire.
                                    www.channelrobot.com

                                    Y 1 Reply Last reply Reply Quote 0
                                    • Y
                                      yall @Lindon
                                      last edited by

                                      @lindon good ok I will give 2 links. I would do this for the polar bears! lol. that said, I notarized my zip contant exd and pkg successfully. but the stapling does not work and the test is rejected so I would only provide the pkg and exe

                                      LindonL 1 Reply Last reply Reply Quote 0
                                      • LindonL
                                        Lindon @yall
                                        last edited by

                                        @yall -- odd I've never had staple process failures...

                                        HISE Development for hire.
                                        www.channelrobot.com

                                        Y DanHD 2 Replies Last reply Reply Quote 0
                                        • Y
                                          yall @Lindon
                                          last edited by

                                          @lindon the terminal tells me that it cannot staple to a zip

                                          d.healeyD 1 Reply Last reply Reply Quote 0
                                          • d.healeyD
                                            d.healey @yall
                                            last edited by

                                            @yall said in Notarisation for dummies:

                                            @lindon the terminal tells me that it cannot staple to a zip

                                            Just a moment...

                                            favicon

                                            (www.kvraudio.com)

                                            If you are distributing your plugins with a simple ZIP file, you still need to notarize that (you are actually notarizing the content of the ZIP). The problem here is that you can't staple a ZIP file

                                            Libre Wave - Freedom respecting instruments and effects
                                            My Patreon - HISE tutorials
                                            YouTube Channel - Public HISE tutorials

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post

                                            29

                                            Online

                                            1.7k

                                            Users

                                            11.8k

                                            Topics

                                            103.2k

                                            Posts