-
-
Notifications
You must be signed in to change notification settings - Fork 524
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
macOS packager produces invalid signature #3757
Comments
Please don't re-raise issues, threads and discussions can continue on old issues... |
my bad i thought you wanted me to create a new issue, should i move back to the original issue? |
I just took a look at this repro and my original comment in the old issue is still correct. Your app isn't codesigned because you aren't codesigning it properly 🤷 There are two types of "code signature" on macOS (warning, over simplification):
Because you haven't configured TLDR: Get a real macOS code signing certificate and configure it correctly in |
Thanks for the explanation! |
Pre-flight checklist
Electron Forge version
7.5.0
Electron version
v33.2.0
Operating system
Version 14.3.1
Last known working Electron Forge version
No response
Expected behavior
signature verification should pass otherwise the app will fail to work properly (e.g. it will not ask for permissions when required)
if the signature is broken then permission popups like the one below will not show up to the user when necessary
Actual behavior
signature fails verification which causes errors when trying to ask for permissions during runtime
Steps to reproduce
npm run package
out/make/zip/darwin/arm64
codesign --verify --deep --strict --verbose=2 ./my-new-electron-app.app
./my-new-electron-app.app: invalid Info.plist (plist or signature have been modified) In architecture: arm64
it seems like the cause is some generated keys are incorrect in
out/make/zip/darwin/arm64/my-new-electron-app.app/Contents/_CodeSignature/CodeResources
for example: one of the keys is
<key>Frameworks/Electron Helper (GPU).app</key>
but it should be:
<key>Frameworks/my-new-electron-app Helper (GPU).app</key>
current solution is to manually sign (which produces the correct keys in
CodeResources
:codesign --force --deep --sign - ./my-new-electron-app.app
codesign --verify --deep --strict --verbose=2 ./my-new-electron-app.app
./my-new-electron-app.app: valid on disk \n ./my-new-electron-app.app: satisfies its Designated Requirement
Additional information
related to #3754
The text was updated successfully, but these errors were encountered: