Mac app bundle lacks valid developer certificate

[JMY1000]

The current distribution of the Mac app bundle lacks a valid developer certificate. Though this isn't a major issue, Gatekeeper will block it by default. Signing App Bundles allows Gatekeeper as configured by default to run it and lends legitimacy to the app. This document describes the process for signing apps.

[erich666]

Thanks! This I know extremely little about, so any help at all is great.

Unfortunately, the web page doesn't help, since I use WineBottler to make the conversion.

However, I found this: https://mike.kronenberg.org/winebottler-1-5-30-now-with-codesigning-support/ - which I should look into.

[erich666]

So I've bought a developer license for a year, got my Developer ID, tried to put it into WineBottler, following the instructions in the link above.

Maybe I got the wrong certificate? My certificate, after registering to the keychain etc. says "Developer ID Application: Eric Haines (my string)"

Using "Mac Developer: Eric Haines (my string)" didn't work, WineBottler said it's not valid. So it's one of three (at least) things:

1) I should put "Developer ID Application:" instead of "Mac Developer:" - I should try this. 2) I should find some other type of code sign that has "Mac Developer:" in it. 3) This feature just doesn't work.

More study needed.

[JMY1000]

I wasn't aware that enrolling in the Apple Developer Program required a fee.

[erich666]

$99 a year: https://developer.apple.com/support/purchase-activation/

[erich666]

I've written the developer of WineBottler, he won't reply - understandable, as I suspect he has a zillion users. I tried option (1), it didn't work. I searched to get option (2) working, but just can't figure it out - it seems you need to use Xcode to get a "Mac Developer:" certificate, but I'm not actually developing on the Mac.

Any clues appreciated from anyone.

[erich666]

Further documentation for WineBottler is at the bottom right of this page, mostly pointing to bundles and Gatekeeper pages at Apple's site - not much help there.

[erich666]

Asked about this issue on StackOverflow. Fingers crossed.

[JMY1000]

I've got macOS based systems, do you need me to do something?

[erich666]

No, I think all's well. It looks like someone actually answered my query, so I'll try that sometime soon.

[erich666]

Aha, I've received a response from the WineBottler developer: http://stackoverflow.com/questions/39934326/correct-certificate-for-signing-application-with-winebottler

However, I'll have to wait until WineBottler is updated to support Sierra, as my one old Mac would need to be updated to 10.11.5 to be able to use XCode, but Apple wants you to upgrade to Sierra, not 10.11.5 El Capitan.

And, it indeed turns out that I didn't need to pay $99 to become an Apple developer, evidently. XCode certificates are free (which strikes me as odd).

[welleozean]

Hi Eric, I was wandering if you have solved the problem as I m fighting the same battle. I saw on your webpage that your software may or may not work on macOS Sierra...

[erich666]

I believe my Winebottler version actually works fine on Sierra.

I hope to tackle this area one once I have access to a new iMac at the beginning of next month. My old mac is so desperately slow that I haven't bothered to make any new version for the Mac because of it.

[erich666]

The procedure outlined didn't work. With this step by step, I put in exactly the right settings for the field with "Mac Developer: Eric Haines (A...Q)" but when Winebottler was run, it said it would not be signed and gave this error message: "Users/erichaines/Documents/Mineways.app: resource fork, Finder information, or similar detritus not allowed". I tried debugging by looking at developer.apple.com/library/content/qa/qa1940/_index.html, but that spewed a long dump that meant nothing to me. My settings are here: http://www.realtimerendering.com/erich/minecraft/public/mineways/images/winebottler.png

[JMY1000]

Happy to lend a hand still.

[welleozean]

Which macOS version are you on now? I am working both on El Capitan and Sierra. On El Capitan it seems to work, on Sierra I get an error message. However, do to my little knowledge of the Mac world, I do not know if the certificare is integrated correctly.

Besides this point, it looks like the created bundle works very well on both El Capitan and Sierra. If it is confirmed by a bunch of my users, I'll be very happy to give a little money to the developer (unfortunately he doesn't reply to messages :( )

[erich666]

I'm on Sierra. I can certainly use Winebottler without the Codesign identity getting filled in and make a working version of Mineways - that has worked fine for years. The problem is the codesign failure, the "detritus" message. From what I can tell, it's that Apple tightened up their security process. I've tried Winebottler 1.8 and 1.8.1, I get the same error. @welleozean have you been able to take mineways32.exe (in the latest mineways.zip download) and make a codesigned version, without the "detritus" error?

[welleozean]

Erich, I use Winebottler for my own software (for distribution on macOS). At the moment I am still creating it on El Capitan with Codesign. If I try to do it on Sierra I get several errors (related to Codesign). I haven't analyzed the problem very deeply (but I'll do). At the moment it seems the version created on El Capitan (with Codesign) can be opened on Sierra too (even if some users reported they can not, even with opening it the first time with Right click and select Open).

[erich666]

Sorry, I've been on vacation. Yes, I'm finding on Sierra that the version I make runs fine, it's just not signed, so gives security warnings. Ah, well, someday this feature on Winebottler may work again. He doesn't seem to have a way to report bugs, so fingers crossed.

[erich666]

I will no longer support the Mac version (unless Winebottler starts to support 64 bits). Something strange is going on with the Windows 32 bit version - it builds but does not run. I would guess some memory corruption somehow, but it's unclear what is happening. Without a 32 bit Windows version, I can't make the 32 bit Mac version. That said, Wine itself and Crossover appear to run the Windows version fine, so moving on...