Developer ID signed apps cannot load external data under macOS Sierra - download

We currently have problems with the download versions (ZIP) of our applications under the new operating system MacOS Sierra from Apple. It is a (non-native) video tutorial app with external data and different startfiles (certificate signed) for Mac and Windows (originally created for DVDs).
Although the Mac startfile of the download version was properly signed with a valid Apple Developer ID certificate, an authorization problem now appears and the application can no longer load external data. The same application on DVD still works impeccably.
My research has shown that under "macOS Sierra" Developer ID signed apps (outside the App Store) are not allowed to use external libraries, external code or external data:
https://developer.apple.com/library/content/releasenotes/MacOSX/WhatsNewInOSX/Articles/OSXv10.html
Starting in macOS 10.12, you can not get any longer. An app distributed outside the Mac App. To provide secure execution, code your disk image is using the codesign tool, or distribute your app through the Mac App Store. For more information, see the updated revision to macOS Code Signing In Depth.
https://developer.apple.com/library/content/technotes/tn2206/_index.html
Is our described type of application no longer compatible with macOS Sierra?
Is there any solution to continue offering our applications as a download for macOS Sierra outside the App Store?
Possibly one could automatically encapsulate all the necessary files for the individual trainings in an app, then sign it and prepare it as a DMG?

Have solved the problem.
With a signed DMG everything works again as before. This is now possible under macOS Sierra (and from Mac OS X 10.11.5).
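The signed-DMG approach from this answer, as an added example that is not part of the original post: the app and its external data are packed into one disk image, and the image itself is signed and then assessed by Gatekeeper. The staging folder, app name, DMG path and identity string are placeholders, and `DRY_RUN` is a switch invented for this sketch.

```shell
#!/bin/sh
# Added example: ship the app and its external data inside one signed disk image.
# All paths and the identity string are placeholders.

# With DRY_RUN=1 each command is printed instead of executed.
run() { if [ "${DRY_RUN:-0}" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi; }

# build_signed_dmg STAGING_DIR APP_NAME DMG IDENTITY
#   STAGING_DIR holds APP_NAME (already Developer ID signed) plus the
#   external data folders the app loads at run time.
build_signed_dmg() {
    staging=$1; app=$2; dmg=$3; identity=$4

    # 1. The launcher inside the image must still carry a valid signature.
    run codesign --verify --strict --verbose=2 "$staging/$app" || return 1

    # 2. Pack app and data together; UDZO is a compressed read-only image.
    run hdiutil create -volname "${app%.app}" -srcfolder "$staging" \
        -format UDZO -ov "$dmg" || return 1

    # 3. Sign the disk image itself with the same Developer ID identity.
    run codesign --force --timestamp --sign "$identity" "$dmg" || return 1

    # 4. Check the image signature, then ask Gatekeeper how it assesses the image.
    run codesign --verify --verbose=2 "$dmg" || return 1
    run spctl -a -t open --context context:primary-signature -v "$dmg"
}

# Run for real on macOS when four arguments are supplied.
if [ "$#" -eq 4 ]; then build_signed_dmg "$@"; fi
```
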

Related

Mac app created with Unity submitted to AppStore always reject because it can't be launched

I created a Unity app for desktop platforms using Unity 2017.4.40. I published it on Steam and now I want to publish it on the Mac App Store. I followed this guide "https://docs.unity3d.com/Manual/HOWTO-PortToAppleMacStore.html" to learn how to submit a Unity game to the Mac App Store.
I did all the steps in this guide and submitted a PKG file to the App Store, but the game was rejected. I received the following feedback from the App Store Review Team.
Hello,
The issues we previously identified still need your attention before we can approve your submission.
If you have any questions, we are here to help. Reply to this message in App Store Connect and let us know.
Guideline 2.1 - Performance
We discovered one or more bugs in your app when reviewed on Mac running macOS 12.3.
Specifically, the app did not launch and remained on a loading loop.
We tried to launch and review the app at the following two devices:
MacBook Pro (16-inch, 2019)
MacBook Air (M1, 2020)
Next Steps
Please run your app on a device to identify the issue(s), then revise and resubmit your app for review.
If you are unable to reproduce this issue, ensure you are testing the exact version of the app that you submitted for review, and that you're doing so in a minimally privileged environment. See Technical Q&A QA1778: How to reproduce bugs reported against Mac App Store submissions.
For additional information on crash reports, see Diagnosing Issues Using Crash Reports and Device Logs.
I tested my game on macOS Big Sur 11.6.1 and on a fresh install on another device with macOS Monterey 12.3.
For me it works perfectly in both tests. But when submitted to the App Store I got this error, and now I don't know what I can do to fix this to make my Unity game run on the macOS devices of the Apple review team.
How can I fix that?
I succeeded in publishing one app in the Mac App Store.
I used the link below and was able to understand how to publish my app in the Mac App Store.
https://github.com/dilmerv/UnityBuildTools
My problem is that I forgot to sign my app with the "3rd Party Mac Developer Application: My Name (XXXXXXXXXX)" certificate and after that create a pkg file and sign it with "3rd Party Mac Developer Installer: My Name (XXXXXXXXX)" certificate.
It works for me, my app was finally published in the Mac App Store.
There are other certificates that are needed to distribute the app outside the Mac App Store. For me, I will need to use the "Developer ID Application: My Name (XXXXXXXXXX)" certificate to sign my app to distribute using Steam.
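The two signing steps named in this answer, as an added example that is not the poster's or the linked repository's code: the bundle is signed with the "3rd Party Mac Developer Application" identity, then wrapped in a package signed with the "3rd Party Mac Developer Installer" identity. The file names, the team string and the entitlements file are placeholders, and `DRY_RUN` is a switch invented for this sketch.

```shell
#!/bin/sh
# Added example: sign an app bundle and build a signed installer package
# for Mac App Store upload. Names and paths are placeholders.

# With DRY_RUN=1 each command is printed instead of executed.
run() { if [ "${DRY_RUN:-0}" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi; }

# package_for_store APP PKG TEAM ENTITLEMENTS
#   TEAM is the "My Name (XXXXXXXXXX)" suffix shared by both certificates.
package_for_store() {
    app=$1; pkg=$2; team=$3; entitlements=$4
    app_identity="3rd Party Mac Developer Application: $team"
    pkg_identity="3rd Party Mac Developer Installer: $team"

    # 1. Sign the bundle. --deep also signs nested code with the same
    #    identity and entitlements; sign nested items one by one instead
    #    if they need different options.
    run codesign --force --deep --entitlements "$entitlements" \
        --sign "$app_identity" "$app" || return 1

    # 2. Stop here if any part of the bundle fails verification.
    run codesign --verify --deep --strict --verbose=2 "$app" || return 1

    # 3. Wrap the signed app in a package signed with the installer identity.
    run productbuild --component "$app" /Applications \
        --sign "$pkg_identity" "$pkg" || return 1

    # 4. Show which certificate chain the package carries.
    run pkgutil --check-signature "$pkg"
}

# Run for real on macOS when four arguments are supplied.
if [ "$#" -eq 4 ]; then package_for_store "$@"; fi
```
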

Distributing Mac app outside App Store. How should I sign it?

I have a Mac app which can't be sandboxed due to using Apple Events and therefore it can't be released through the Mac App Store.
I've made a website, added a payment gateway and everything seems to be ok but I keep getting feedback from testers who can't open the app even with the right mouse button method.
First it was the raw app from Xcode without any kind of signing, after that I tried exporting after archiving using my developer certificate, then I even notarized the app with Apple but still there are people who can't open the app (even though they were able to use it before signing).
Currently I'm using the Mac App Distribution certificate (no provisioning profile). Is this correct? Should I use "Mac Installer", "Mac developer", "Apple developer", "Apple distribution"… why is this so confusing?
You should use the Developer ID Application certificate to distribute a Mac app outside the Mac App Store that does not use an installer. Most Mac apps do not use an installer.
Apple provides a decent explanation of the different certificates when you create a new certificate from Apple's Certificates, Identifiers, and Profiles page. To keep people reading this from having to go there, I'll explain them now.
The Developer ID Installer certificate is for distributing Mac apps outside the App Store that use an installer to install the app.
The Mac Development certificate is for signing development versions of a Mac app.
The Mac App Distribution certificate is for distributing a Mac app on the App Store that does not use an installer. The Mac Installer Distribution certificate is for distributing a Mac app on the App Store that uses an installer.
In Xcode 11, Apple added the Apple Development and Apple Distribution certificates so people could sign their apps for all Apple platforms with one certificate. These certificates are for apps that will end up on the App Store.

Is notarization necessary for Mac App store release?

Is it necessary to notarize an app before uploading it to the Apple App Store? I came across an article that says notarization is needed for non-App Store distribution, while Apple will run notarization before approving an App Store version.
Anyone can confirm?
The reason I ask this question is that I notarized the app for distribution outside the Mac App Store and it works fine. For the Mac App Store build, I can upload and distribute it and it works fine on Mac; I only have an issue on Catalina (beta) when the user tries to open it, see attached pic. I wonder if it's related to notarization.
Update: the issue was not due to notarization, but due to code signing. One of the node binaries is not signed before uploading to MAS, maybe Catalina has a stricter rule for checking it.
No, it's not required. Apps downloaded from the App Store are not notarized. You can verify it using the spctl command.
spctl -a -v /Applications/Pages.app
/Applications/Pages.app: accepted
source=Mac App Store
Gatekeeper will check notarization only if the app is downloaded from outside the App Store.
From Safely open apps on your Mac
When you install Mac apps, plug-ins, and installer packages from
outside the App Store, macOS checks the Developer ID signature and
notarization status to verify that the software is from an identified
developer and that it has not been altered.
Notarization is only required for distribution outside the Mac App Store. See Distribute outside the Mac App Store (macOS), which says:
In some cases, you may want to distribute an app outside of the Mac App Store [...] Users gain additional assurance if your Developer ID-signed app is also notarized by Apple.
The macOS User Guide has this to say:
App Store: [...] All the developers of apps in the Mac App Store are identified by Apple, and each app is reviewed before it’s accepted
App Store and identified developers: [...] Identified developers are registered with Apple and can optionally upload their apps to Apple for a security check. If problems occur with an app, Apple can revoke its authorization.
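The asker's update traced the failure to an unsigned nested binary. A pre-upload check for that case, as an added example that is not from the original thread: it walks a bundle, picks out Mach-O files by their magic number and lists those whose signature does not verify. The `VERIFY` variable is an assumption of this sketch so the check command can be swapped; on macOS it defaults to `codesign --verify --strict`.

```shell
#!/bin/sh
# Added example: list nested binaries in an app bundle that lack a valid
# signature. VERIFY is this sketch's own knob, not an Apple setting.
VERIFY=${VERIFY:-codesign --verify --strict}

# True if the file starts with a Mach-O or universal-binary magic number.
# (cafebabe is shared with Java class files, so those are checked too.)
is_macho() {
    case "$(od -An -tx1 -N4 "$1" | tr -d ' \t\n')" in
        feedface|feedfacf|cefaedfe|cffaedfe|cafebabe) return 0 ;;
        *) return 1 ;;
    esac
}

# unsigned_code BUNDLE
#   Prints the path of every Mach-O file under BUNDLE that fails VERIFY.
#   Empty output means every nested binary verified.
unsigned_code() {
    find "$1" -type f | while IFS= read -r f; do
        is_macho "$f" || continue
        # VERIFY is left unquoted on purpose so its options are split.
        $VERIFY "$f" >/dev/null 2>&1 || printf '%s\n' "$f"
    done
}

# Run on macOS when a bundle path is supplied.
if [ "$#" -eq 1 ]; then unsigned_code "$1"; fi
```
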

Code signed apps on OS X Sierra 10.12 won't work on older Macs, why?

I have 'identified developer' certificates from Apple.
I have signed my app on Sierra via the command line, as my app is outside of Xcode; the signatures validate on Sierra as from an identified developer.
Testing on Sierra allows installation when the security settings are:
'Allow applications downloaded from: Mac App Store and identified developers'.
Testing on OS X 10.8 Mountain Lion gives the error ".app is damaged" as attached. This error occurs when the security settings are:
'Allow applications downloaded from: Mac App Store and identified developers'.
Changing the security settings to
'Allow applications downloaded from: Anywhere'
allows the app to be installed just fine, so I am sure that the file is valid.
Why does an app validate on newer Macs only?
I also tried signing the app on 10.8. In this scenario 10.8 accepts the app as from an identified developer but 10.12 does not, the exact opposite.
10.8 does not support validating certificates using SHA256, codesign on 10.12 used SHA256.

Is it possible to get an AIR 3.0 Captive Runtime app into the Mac App Store?

Is it possible to get an AIR 3.0 Captive Runtime app into the Mac App Store? How would you do that?
Here's a link where you can find a pretty thorough article on how to upload an AIR app to the Mac App Store.
There are actually a couple of steps to doing this. First, and this is what I have found to be the easiest solution, is to build an AIR Intermediate file from Flash Builder 4.5. Once that file is built, use the adt command line packager with the "-target bundle" flag to sign and package a Mac OS X application bundle. This will result in a fully working captive runtime application bundle that you can run on OS X. When you have completed the Adobe side of things and have verified that it runs correctly, you can move on to the Apple side.
I would recommend you reference Apple's developer documentation for this here: Submit Your Application using Application Loader. You will need to use both the "codesign" and "productbuild" commands on the application bundle you created from Adobe's packager. When done, you should now be able to use Apple's Application Loader to submit the package to the Mac App Store.
I have not yet tried to sign the AIRI package with my Apple certificate, so I'm not sure if that would work, since I have both a Thawte cert for AIR apps and the Apple-issued one. This would take further testing.
