Re: How to check signature and notarization?

2021-04-13 Thread Gabriel Zachmann via Cocoa-dev
Thanks a lot to all of you!  This is very helpful!

Best regards, Gabriel



> On 13. Apr 2021, at 00:45, Jack Brindle  wrote:
> 
> Quick followup:
> 
> Howard’s app: ArchiChect will do the job you need. The product page is at:
> 
> https://eclecticlight.co/32-bitcheck-archichect/
> 
> And it is free!
> 
> Jack
> 
> 
>> On Apr 12, 2021, at 3:40 PM, Jack Brindle via Cocoa-dev 
>>  wrote:
>> 
>> From the code sign man page:
>> codesign --display --verbose=4 Terminal.app
>> 
>> replace Terminal.app with your application name (be sure to unzip first). 
>> The information shown will tell you whether it is has a valid signature.
>> You might try it on a few other apps just to see what that looks like.
>> 
>> Be sure that the customer copies the app from wherever they unzip it to the 
>> Applications folder, or anyplace else. That will remove the quarantine on 
>> the app.
>> 
>> As for checking Notarization, I don’t remember how, but there is a way. You 
>> might explore the apps from Howard Oakley at his Eclectic Mac Light Company 
>> web page. He has some very good tools that should show the security info.
>> The URL: https://eclecticlight.co 
>> 
>> We distribute our app in zipped form (no dmg). It is in an installer app 
>> that the user unzips, then runs, usually at the same place where they 
>> unzipped the file. No problems with GateKeeper in over two years of 
>> Notarization so far.
>> 
>> Jack
>> 
>> 
>> 
>> 
>>> On Apr 12, 2021, at 10:48 AM, Sean McBride via Cocoa-dev 
>>>  wrote:
>>> 
>>> On Mon, 12 Apr 2021 18:36:12 +0200, Gabriel Zachmann via Cocoa-dev said:
>>> 
 Is there a way to check that the signature and notarization is proper?
 Are there any other checks I can do to determine what is going wrong?
>>> 
>>> You might find this helpful:
>>> 
>>> 
>>> 
>>> Sean
>>> 



smime.p7s
Description: S/MIME cryptographic signature
___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com


Re: How to check signature and notarization?

2021-04-12 Thread Jack Brindle via Cocoa-dev
Quick followup:

Howard’s app: ArchiChect will do the job you need. The product page is at:

https://eclecticlight.co/32-bitcheck-archichect/

And it is free!

Jack


> On Apr 12, 2021, at 3:40 PM, Jack Brindle via Cocoa-dev 
>  wrote:
> 
> From the code sign man page:
> codesign --display --verbose=4 Terminal.app
> 
> replace Terminal.app with your application name (be sure to unzip first). The 
> information shown will tell you whether it is has a valid signature.
> You might try it on a few other apps just to see what that looks like.
> 
> Be sure that the customer copies the app from wherever they unzip it to the 
> Applications folder, or anyplace else. That will remove the quarantine on the 
> app.
> 
> As for checking Notarization, I don’t remember how, but there is a way. You 
> might explore the apps from Howard Oakley at his Eclectic Mac Light Company 
> web page. He has some very good tools that should show the security info.
> The URL: https://eclecticlight.co 
> 
> We distribute our app in zipped form (no dmg). It is in an installer app that 
> the user unzips, then runs, usually at the same place where they unzipped the 
> file. No problems with GateKeeper in over two years of Notarization so far.
> 
> Jack
> 
> 
> 
> 
>> On Apr 12, 2021, at 10:48 AM, Sean McBride via Cocoa-dev 
>>  wrote:
>> 
>> On Mon, 12 Apr 2021 18:36:12 +0200, Gabriel Zachmann via Cocoa-dev said:
>> 
>>> Is there a way to check that the signature and notarization is proper?
>>> Are there any other checks I can do to determine what is going wrong?
>> 
>> You might find this helpful:
>> 
>> 
>> 
>> Sean
>> 
>> 
>> ___
>> 
>> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
>> 
>> Please do not post admin requests or moderator comments to the list.
>> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>> 
>> Help/Unsubscribe/Update your Subscription:
>> https://lists.apple.com/mailman/options/cocoa-dev/jackbrindle%40me.com
>> 
>> This email sent to jackbrin...@me.com
> 
> ___
> 
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
> 
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
> 
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/jackbrindle%40me.com
> 
> This email sent to jackbrin...@me.com

___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com


Re: How to check signature and notarization?

2021-04-12 Thread Jack Brindle via Cocoa-dev
From the code sign man page:
codesign --display --verbose=4 Terminal.app

replace Terminal.app with your application name (be sure to unzip first). The 
information shown will tell you whether it is has a valid signature.
You might try it on a few other apps just to see what that looks like.

Be sure that the customer copies the app from wherever they unzip it to the 
Applications folder, or anyplace else. That will remove the quarantine on the 
app.

As for checking Notarization, I don’t remember how, but there is a way. You 
might explore the apps from Howard Oakley at his Eclectic Mac Light Company web 
page. He has some very good tools that should show the security info.
The URL: https://eclecticlight.co 

We distribute our app in zipped form (no dmg). It is in an installer app that 
the user unzips, then runs, usually at the same place where they unzipped the 
file. No problems with GateKeeper in over two years of Notarization so far.

Jack




> On Apr 12, 2021, at 10:48 AM, Sean McBride via Cocoa-dev 
>  wrote:
> 
> On Mon, 12 Apr 2021 18:36:12 +0200, Gabriel Zachmann via Cocoa-dev said:
> 
>> Is there a way to check that the signature and notarization is proper?
>> Are there any other checks I can do to determine what is going wrong?
> 
> You might find this helpful:
> 
> 
> 
> Sean
> 
> 
> ___
> 
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
> 
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
> 
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/jackbrindle%40me.com
> 
> This email sent to jackbrin...@me.com

___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com


Re: How to check signature and notarization?

2021-04-12 Thread Sean McBride via Cocoa-dev
On Mon, 12 Apr 2021 18:36:12 +0200, Gabriel Zachmann via Cocoa-dev said:

>Is there a way to check that the signature and notarization is proper?
>Are there any other checks I can do to determine what is going wrong?

You might find this helpful:



Sean


___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com


Re: How to check signature and notarization?

2021-04-12 Thread Marco S Hyman via Cocoa-dev
I don’t know about zip file distribution, but I have both the app AND the dmg 
that I use for distribution notarized.  I create the DMG from a folder 
containing the notarized app and a link to /Applications then run codesign on 
the DMG and upload the result to Apple for notarization.   Once notarized I 
staple the ticket to the dmg.
___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com


How to check signature and notarization?

2021-04-12 Thread Gabriel Zachmann via Cocoa-dev
I am distributing my app using a simple zip file.
Now, I have a few users (only a few it seems) who get the error message
".. can't be opened because Apple cannot check it for malicious software"
when they try to run it.

I am pretty positive I did sign and notarize it before exporting the archive
(using "Developer ID").

Is there a way to check that the signature and notarization is proper?
Are there any other checks I can do to determine what is going wrong?


Best regards, Gabriel



smime.p7s
Description: S/MIME cryptographic signature
___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com