search

SafeExamBrowser / seb-testing

SEB installers for TESTING only, see releases in seb-win / seb-mac for stable public releases.
7 stars 2 forks source link

SEB DMG installer not notarized #5

Closed lifeunexpected closed 4 years ago

lifeunexpected commented 5 years ago

Hey i just wanted to inform you that you need too notarize both the .dmg and the .app not only the .app file when you distribute the app in a dmg file.

if you open terminal and run "codesign -dv --verbose=4 "PathToApplication/DMG" you will get /SafeExamBrowser-2.1.4.dmg: code object is not signed at all

If you are unsure how you do that read the blog post below from Rich Trouton and just replace app/zip with dmg https://derflounder.wordpress.com/2019/04/10/notarizing-automator-applications/

danschlet commented 5 years ago

I'm aware of that, but it didn't make sense to notarize the testing version's .dmg (as Apple didn't bother to provide a one-click notarization for disk image files etc.). I can open the not notarized dmg's even on Catalina without a warning, so why bother for the non-final release (or am I missing something?).

danschlet commented 5 years ago

PS: I shouldn't have called the previous build "Golden Master", it was more like a release candidate.

lifeunexpected commented 5 years ago

In January 2020 Apple will require that every dmg, app, pkg and installer files are signed and notarized so what will happen if you choose not to sign and notarize the dmg installer file after this date is that they wont open on peoples machine.

So you can ignore this until then but its better to start early and and get it into the release process of software so when january comes it feels like a normal step for deploying software.

danschlet commented 5 years ago

As mentioned, the final release DMG will be notarized. These here are only testing versions, so I won't waste time before January to notarize each and every testing build.

lifeunexpected commented 4 years ago

https://latenightsw.com/sd-notary-notarizing-made-easy/

this software might help you in making the notarization and signing a bit easier/quicker.

danschlet commented 4 years ago

Thanks for the link, this tool is really helpful for notarizing DMGs. Now I will of course also notarize the DMGs of preview versions, I started (with this tool) with the current SEB 2.1.5pre2 for macOS build at https://github.com/SafeExamBrowser/seb-testing/tree/master/mac/2.1.5.