code signature can easily get invalidated if the app or plugin was not packaged and distributed correctly. for example, if you simply sign, zip and upload a file to a public server, a downloaded copy would most probably be thrown to the bin.
the developer should sign, archive (pkg, zip, dmg), notarise, and staple the app or plugin before distribution. also a plugin created for v17 R6 or earlier has manifest.json in a non-conventional location, which may get rejected by Catalina 10.15.3. On Feb 12, 2020, at 13:18, Chuck Miller via 4D_Tech <4d_tech@lists.4d.com<mailto:4d_tech@lists.4d.com>> wrote: Slightly related. Any idea why I have a plug-in that is signed but shows as damaged on Catalina but not in windows. I am not sure of other Mac OS versions. ********************************************************************** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:4d_tech-unsubscr...@lists.4d.com **********************************************************************
