osx-gatekeeper

How to sign Java applet with Apple Developer ID

戏子无情 提交于 2019-12-04 05:14:08
问题 I have java applet signed with thwate certificate and need to sign it with Apple Developer ID. As is well-known, Mac OS X 10.8 requires Java applications to be signed with Apple Developer ID. It causes some problems with running Java applets, Gatekeeper says that "The digital signature could not be verified". There are the same issues OS X 10.8 Gatekeeper and Java applets and Sign java applet so that it works on OS X 10.8 Mountain Lion and Windows I also found this in Oracle's Mac FAQ: http:/

How to codesign and enable the hardened runtime for a 3rd-party CLI on Xcode?

家住魔仙堡 提交于 2019-12-03 14:25:55
My project needs the Ghostscript to do lots of tasks, so I have added the gs CLI tool into my project resource. However when I tried to notarize the project application, Xcode shows me this: I assume that might because the ghostscript portable CLI is a 3rd-party program from the internet and which doesn't have a codesign, also it has not been enabled the hardened runtime. On the latest MacOS Mojave I have to notarize applications to avoid the gatekeeper shows warnings during the user opens the DMG file. But it seems the notarizing is hard to pass if the application contains a 3rd-party CLI. Is

Unidentified developer for Java Web Start application on OS X

家住魔仙堡 提交于 2019-12-03 11:40:34
On Mac OS X 10.9 signed Java Web Start applications are blocked by default with the message: "application.jnlp" can't be opened because it is from an unidentified developer. I know it's possible to weaken the security checks to allow any application to run, but that requires a manual intervention of the end user. Is it possible to "sign" a Java Web Start application such that it is recognized as originating from an identified developer? Thank you Apple does appear to support signing of webstart -- but not directly. You have to bundle it in an archive. See the note at the bottom of this page:

Gatekeeper signing for OSX DMGs outside of OSX/XCode/Mac App Store?

落爺英雄遲暮 提交于 2019-12-03 05:08:07
From looking at notes for the upcoming OSX version (the one after OSX Lion), it appears that all DMGs/installers need to be signed, even if not distributed via the Mac App store. I couldn't find a command-line tool to do this signing though, or much documentation about obtaining a signing cert without submitting to the App Store. Can someone shed light on: 1) How to obtain a certificate without distributing you app via the Mac App Store? 2) How to sign a DMG without using built-in XCode tools (preferable a cross-platform tool)? Thanks! Codesigning is described in detail here and here -

How to sign Java applet with Apple Developer ID

浪子不回头ぞ 提交于 2019-12-02 03:16:06
I have java applet signed with thwate certificate and need to sign it with Apple Developer ID. As is well-known, Mac OS X 10.8 requires Java applications to be signed with Apple Developer ID. It causes some problems with running Java applets, Gatekeeper says that "The digital signature could not be verified". There are the same issues OS X 10.8 Gatekeeper and Java applets and Sign java applet so that it works on OS X 10.8 Mountain Lion and Windows I also found this in Oracle's Mac FAQ: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/mac-faq.html#gatekeeper So, I requested and

Code sign Java app for OS X Gatekeeper

醉酒当歌 提交于 2019-12-01 05:47:05
I am trying to distribute a Java application to OS X users. I am not using the Mac store - it is to be distributed through my own website. Whatever I try, OS X's Gatekeeper rejects the app. Here's my method: (1) Build the app as usual, get a JAR file (2) Use appbundler as described here: https://docs.oracle.com/javase/7/docs/technotes/guides/jweb/packagingAppsForMac.html . This creates a .app around my JAR which runs nicely, and contains the JVM in the MyApp.app/Contents/PlugIns directory. (3) Sign the app with my Developer certificate: codesign -s 'Developer ID Application: MyCompany Ltd' -

Code sign Java app for OS X Gatekeeper

笑着哭i 提交于 2019-12-01 02:49:47
问题 I am trying to distribute a Java application to OS X users. I am not using the Mac store - it is to be distributed through my own website. Whatever I try, OS X's Gatekeeper rejects the app. Here's my method: (1) Build the app as usual, get a JAR file (2) Use appbundler as described here: https://docs.oracle.com/javase/7/docs/technotes/guides/jweb/packagingAppsForMac.html. This creates a .app around my JAR which runs nicely, and contains the JVM in the MyApp.app/Contents/PlugIns directory. (3)

Productsigned Mac app not installing in computers that are not mine

谁说我不能喝 提交于 2019-11-30 22:42:42
I have a Mac app which I have signed using the 'productsign' command from the terminal productsign --sign "3rd Party Mac Developer Installer: My company (dasdfjkaj)" InstallerUnsigned.pkg InstallerSigned.pkg productsign: signing product with identity "3rd Party Mac Developer Installer: My company (dasdfjkaj)" from keychain /Users/me/Library/Keychains/login.keychain productsign: adding intermediate certificate "Apple Worldwide Developer Relations Certification Authority" productsign: Wrote signed product archive to InstallerSigned.pkg I then ran the assess command spctl -a -v --type install

Productsigned Mac app not installing in computers that are not mine

风流意气都作罢 提交于 2019-11-30 18:04:06
问题 I have a Mac app which I have signed using the 'productsign' command from the terminal productsign --sign "3rd Party Mac Developer Installer: My company (dasdfjkaj)" InstallerUnsigned.pkg InstallerSigned.pkg productsign: signing product with identity "3rd Party Mac Developer Installer: My company (dasdfjkaj)" from keychain /Users/me/Library/Keychains/login.keychain productsign: adding intermediate certificate "Apple Worldwide Developer Relations Certification Authority" productsign: Wrote

Codesigning Kext with kext enabled certificate fails during kextload, “code signature invalid”

戏子无情 提交于 2019-11-29 02:04:28
So we have a certificate that allows us to sign kexts, but when we run > sudo kextload friendly.kext, it fails and we sign the kext we want, and to prove it's signed, here's some diagnostic output: 👉 codesign --verify -vvvv friendly.kext friendly.kext: valid on disk friendly.kext: satisfies its Designated Requirement 👉 spctl -a -vvvv friendly.kext friendly.kext: accepted source=Developer ID origin=Developer ID Application: Friendly Corporation /Library/Extensions 👉 codesign -dvvv friendly.kext Executable=/Library/Extensions/friendly.kext/Contents/MacOS/friendly Identifier=com.friendly.friendly