Notarisation for dummies
-
So can I use the same notarization process if not using an installer?
Codesign VST/AU
ZIP Contents (VST/AU/HR1/etc)
Codesign ZIP
Notarize ZIPIs this correct or must you use an installer?
-
@trillbilly Follow this famous guide:
-
@trillbilly said in Notarisation for dummies:
ZIP Contents (VST/AU/HR1/etc)
No need to zip an HR file, it's already a compressed format
-
@d-healey I just figured it would make delivery easier if all files were included in one download, no?
-
@trillbilly Depends on the size of the download
-
@orange So I found this code for zip files
xcrun altool --notarize-app --primary-bundle-id "com.company.vst.plugin" --username "USERNAME" --password "PASSWORD" --asc-provider "SHORT_PROVIDER_NAME" --file plugin.zip
I know the Primary Bundle ID is. As for USERNAME and PASSWORD, is my Apple Developer signin? Is PASSWORD the App Specific Password?
And I am unsure what SHORT_PROVIDER_NAME is referring too.
-
@d-healey What do you recommend keeping download sizes too? Do you recommend keeping hr1 files the default 500mb or do you increase?
-
@trillbilly 2GB max per file.
-
@orange So I have tried the notarization with my AppleID/Developer Username (my email) and with both My password and the generated App Specific Password with no luck.
I also removed the SHORT_PROVIDER_NAME as when I was reading through the thread, there was mention its unnecessary if you're only associated with one entity with Apple.
Here is the code I used and error I received.
xcrun altool --notarize-app --primary-bundle-id "com.website.plugin" --username “my email” --password “my password“ "/Users/mymac/Plugin.zip"
**** Error: Notarization failed for '(null)'.
*** Error: Unable to upload your app for notarization. --file must specify a file. (-1027)
{
NSLocalizedDescription = "Unable to upload your app for notarization.";
NSLocalizedFailureReason = "--file must specify a file.";
}
*** Error: Unable to upload your app for notarization. Failed to get authorization for username and password. (
"Error Domain=NSCocoaErrorDomain Code=0 "Status code: 0" UserInfo={NSLocalizedDescription=Status code: 0, NSLocalizedFailureReason=The auth server returned a bad status code.}"
) (-1011)
{
NSLocalizedDescription = "Unable to upload your app for notarization.";
NSLocalizedFailureReason = "Failed to get authorization for username '\U201c\U201d' and password. (\n "Error Domain=NSCocoaErrorDomain Code=0 \"Status code: 0\" UserInfo={NSLocalizedDescription=Status code: 0, NSLocalizedFailureReason=The auth server returned a bad status code.}"\n)";
}* -
@trillbilly I've used installers only, never used the .zip files for the plugin distribution. Are you sure about the folder path of the .zip file?
Also, I think the code you tried is for individual zip packages. For example, put a vst in a single zip file. then put .component file to another zip file... etc.
Why don't you use Packages Installer instead? It's pretty straightforward, easier, and a much professional way for the user experience.
I strongly suggest using Whitebox Packages for this purpose, after downloading and installing it (it's free), take a look at this PACKAGES TEMPLATE PROJECT that 've made earlier. It's an installer project with all of the plugin formats.
-
@orange Id like to eventually have installers but am terrified to even begin. Whitebox looks like it only does Mac Installers, yes? What about Windows?
-
What about Windows?
InnoSetup.
I made an app that does all this for you (including codesigning and notarizing), it's available on my Patreon page. I haven't tested it with recent versions of HISE but I think it should still work. It has a few bugs which I haven't found the time to fix yet, but will get to it eventually :)
-
@d-healey I believe I am already a member of your Patreon. I will have to look for this tool. It is for Mac & Windows?
-
-
-
@orange You've talked me into it. Im attempting installers. I have successfully created Windows installer and Mac installer.
Notarization is another issue though. I was able to get to point of receiving email from Apple but they did not notarize the app.
Ill be continuing this quest tomorrow!
-
@trillbilly said in Notarisation for dummies:
they did not notarize the app
The email should contain a code that you can check for specific errors.
-
@trillbilly The procedure in macOS is this:
- Export plugin from HISE
- Sign the plugin
- Create a .pkg installer with WhiteBox Packages
- Sign the installer
- Notarize the installer
- Time Stamp the installer
If you follow this procedure properly, there will be no issues. Follow the KvR thread, all of these steps are explained there, it's working.
-
@orange said in Notarisation for dummies:
@trillbilly The procedure in macOS is this:
- Export plugin from HISE
- Sign the plugin
- Create a .pkg installer with WhiteBox Packages
- Sign the installer
- Notarize the installer
- Time Stamp the installer
If you follow this procedure properly, there will be no issues. Follow the KvR thread, all of these steps are explained there, it's working.
- Export plugin from HISE
- Sign the plugin
- Create a .pkg installer with WhiteBox Packages
3.1) attach your developer installer certificate to WBP - Sign the installer
- Notarize the installer
- Staple the installer
-
"3.1) attach your developer installer certificate to WBP"
This is the certificate I placed in my Keychain, yes? How do you attach it to Packages?
Also, in the KVR thread they mention zipping the pkg before notarized, is this not necessary?