Code signing CURLHandle?

[gbrhaz]

Hey,

I was just seeing if it could be code signed, and it actually went through fine, but when I made some changes to the .pch file (commented the log #defines) it stopped working. Validation just wouldn't run. Any ideas what would be causing this?

[mikeabdullah]

It's not something I've really tested myself. Curious, why do you want to code sign CURLHandle? I think in general it's desirable to sign your overall app, than an individual framework.

[terrencetalbot]

In my experience with Sandvox, Mac App Store validation required (after some point in time in the last six months) that frameworks be individually signed with at least the correct bundle identifier and your dev id. This rule also appears to include any embedded dylibs. FWIW, we started signing CURLHandle in Sandvox like this:

codesign -s DEV_ID --prefix com.karelia.CURLHandle.dylibs. --force "${PATHTOSIGN}"

and then Apple seemed happier.