• 2020-02-28
  • 2020-02-28

How To Support Notarization Services For Installer

If the application is packaged into the installer package and it is deployed, the installer package also need to support the Notarization Services. This article explains that how to support Notarization Services for the installer. Overview of How to make the installer The installer of macOS is created with following 2 steps. Create the component package with pkgbuild. Create the deployment installer with productbuild. If the deployment file is disk image format, the step to create the dmg file with hdiutils will be followed. And you will upload it to the Apple Notarization Services. Prerequirements of the Notarization In prerequirements of the notarization, following things are related to the installer. Code-sign with the Developer ID Application Certificate or the Developer ID Installer Certificate. Contains the secure-timestamp. I have used Developer ID Installer Certificate. I don’t know the Developer ID Application can be used. The Component Package and The Deployment Installer The deployment installer consists with some of component packages. The component package is created per selection of the custom install. The custom install is a function that the user can select to install or skip. If the installer only have express install and doesn’t have a custom install, required component […]

  • 2020-02-23
  • 2020-06-30

How To Configure the project with Xcode to support Apple Notarization Service

March 6, 2020  In “How confirm the program satisfied requirements”, --strict option was missing, added it. There are some way to support Apple Notarization Service. From February 3, 2020, if the app want to be notarized, the app need to meet the original notarization prerequisites. This article describe that how to configure the project with Xcode. Notarization Prerequisites Notarization Prerequisites are following: All Executables are need to be code signed. Enable Hardened Runtime of all of the applications and the command line tools (CLI). Use “Developer ID Application Certificate”, “Developer ID Kernel Extension Certificate” or “Developer ID Installer Certificate” to code signing. Include a secure time stamp. “com.apple.security.get-task-allow” or variations are not contained in the entitlement. Linked to macOS 10.9 SDK or later SDK. Code Signing to Executables Configure to sign the executable. Configuration of the application target and the CLI target Set the “Code Signing Identity” to “Developer ID Application” certificate. If you manage the certificate by yourself, set the “Code Signing Style” to “Manual”, “Development Team” to the empty and “Provisioning Profile” to “none”. Configure to sign on copy In the application target configuration, configure to sign on copy frameworks. METHOD 1 : Configure in the General tab […]