HOWTO macOS notarization (plugins, app, pkg installers)

DSP, Plugin and Host development discussion.
Post Reply New Topic
RELATED
PRODUCTS

Post

How to reupload a failed file for notarization? I've recompiled and code signed application again, but notarization tells me cache still has the same item.
Image

Post

Aleksey Vaneev wrote: Sat Nov 09, 2019 7:04 am How to reupload a failed file for notarization? I've recompiled and code signed application again, but notarization tells me cache still has the same item.
For me new time stamp was enough. And it could take some hours to get new notarization ... It seems that Apple notar server does a re-queueing when sending the same file several times.

Post

Thanks, so application's change time/timestamp is enough to change?
Image

Post

How is "hardened runtime" is enabled via clang++ switches?
Image

Post

Of course if you provide an app together with your pkg installer you need to sign, notarize and staple this app as well (as written in the first post). Re-signing seems to be enough to (re)start notarization.

This is our process chain (app+plugin in one pkg):

vst2/vst3/au => codesign
app => codesign, notarize, staple

pkg (app+plugin) => codesign, notarize, staple
(exact instructions in first post)

Just an observation of the notarization process: we have to wait until notarization of a specific "primary-bundle-id" is finished (email or polling) before starting the new notarization. Otherwise the notar queue seems to screw up.

Post

What does "Package Invalid" notarization result mean on an AudioUnit component?

How to ZIP exactly the component file, without Library/Audio..etc path?
Last edited by Aleksey Vaneev on Sat Nov 09, 2019 10:36 am, edited 2 times in total.
Image

Post

Aleksey Vaneev wrote: Sat Nov 09, 2019 10:31 am What does "Package Invalid" notarization result mean on an AudioUnit component?
Image

Post

Aleksey Vaneev wrote: Sat Nov 09, 2019 10:31 am What does "Package Invalid" notarization result mean on an AudioUnit component?
Just to clarify: you have a pkg with vst/vst3 and au, right?
All three plugins are signed, right?
Then you sign and notarize the pkg and get this message, right?

Post

How to ZIP exactly the component file, without Library/Audio..etc path?
Image

Post

TB-ProAudio wrote: Sat Nov 09, 2019 10:35 am
Aleksey Vaneev wrote: Sat Nov 09, 2019 10:31 am What does "Package Invalid" notarization result mean on an AudioUnit component?
Just to clarify: you have a pkg with vst/vst3 and au, right?
All three plugins are signed, right?
Then you sign and notarize the pkg and get this message, right?
I only have component file, not pkg.
Image

Post

Aleksey Vaneev wrote: Sat Nov 09, 2019 10:37 am
TB-ProAudio wrote: Sat Nov 09, 2019 10:35 am
Aleksey Vaneev wrote: Sat Nov 09, 2019 10:31 am What does "Package Invalid" notarization result mean on an AudioUnit component?
Just to clarify: you have a pkg with vst/vst3 and au, right?
All three plugins are signed, right?
Then you sign and notarize the pkg and get this message, right?
I only have component file, not pkg.
OK, so packed the signed au in a zip file, signed and notarized this, right?

Post

TB-ProAudio wrote: Sat Nov 09, 2019 10:39 am
Aleksey Vaneev wrote: Sat Nov 09, 2019 10:37 am
TB-ProAudio wrote: Sat Nov 09, 2019 10:35 am
Aleksey Vaneev wrote: Sat Nov 09, 2019 10:31 am What does "Package Invalid" notarization result mean on an AudioUnit component?
Just to clarify: you have a pkg with vst/vst3 and au, right?
All three plugins are signed, right?
Then you sign and notarize the pkg and get this message, right?
I only have component file, not pkg.
OK, so packed the signed au in a zip file, signed and notarized this, right?
Yes, but it looks like the packed signed au includes /LIbrary/Audio/Plugins path, so it does not work, no idea how to ZIP correctly.
Image

Post

Can I just notarize DMG file, without need to notarize individual components?
Image

Post

Aleksey Vaneev wrote: Sat Nov 09, 2019 10:40 am
TB-ProAudio wrote: Sat Nov 09, 2019 10:39 am
Aleksey Vaneev wrote: Sat Nov 09, 2019 10:37 am
TB-ProAudio wrote: Sat Nov 09, 2019 10:35 am
Aleksey Vaneev wrote: Sat Nov 09, 2019 10:31 am What does "Package Invalid" notarization result mean on an AudioUnit component?
Just to clarify: you have a pkg with vst/vst3 and au, right?
All three plugins are signed, right?
Then you sign and notarize the pkg and get this message, right?
I only have component file, not pkg.
OK, so packed the signed au in a zip file, signed and notarized this, right?
Yes, but it looks like the packed signed au includes /LIbrary/Audio/Plugins path, so it does not work, no idea how to ZIP correctly.
Without path? But then the unpack goes somewhere, I see...
But why not use pkg? Similar to zip, supports pathes and gets notarized?

Post

Aleksey Vaneev wrote: Sat Nov 09, 2019 10:41 am Can I just notarize DMG file, without need to notarize individual components?
Sorry, no experience with DMG. But it seems that DMG is not supported by notar process...

Post Reply

Return to “DSP and Plugin Development”