Air 23/24 app for Mac code signing using Distribution ID for general distribution

Hi Vivek, thanks so much, I followed the instructions (removing the 5 files, signing the 4 files) and it worked on 2 apps I tested!

I did experience a bit of an odd error the first couple of times I tried the above, the resultant signed file said it was not trusted - I researched the error and discovered it was certificate related (although I had not changed the certs since I had originally installed them). I actually deleted the specific certs from the keychain, then re-installed them (the 2 Apple authority and my own Developer ID certs) and made sure they were all set to Use System Defaults in their trust properties. I noticed that one of the certs was not set to Use System Defaults before I deleted it, which I have no idea how that setting changed (maybe when I upgraded OSX). In my case, I had to make sure they were all fresh installed and all set to Use System Defaults in the Trust settings.

Thanks again.

Nitanwar, I am still unable to sign my mac app (see last post above) it claims it is related to the frameworks? Can you share the steps you have taken to successfully sign an app for general distribution? What you removed (if any), and what you signed? Thanks.

I have retried using the following, still doesn't work by at least it tells me the issue:

rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/Adobe\ AIR.vch

rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/adobecp.plugin

rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/adobecp.vch

rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/AdobeCP15.plugin

rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/WebKit.dylib

rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/Flash\ Player.plugin

which all seems to work, followed by:

codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR_64\ Helper

codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR_64

codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR

codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Resources/ExtendedAppentryTemplate64

codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/

codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/MacOS/App

codesign -f -v -s “Developer ID Application: Developer" APP.app

Then, if I run codesign -vvv App.app it says:

App.app: nested code is modified or invalid

File modified.. /App.app/Contents/frameworks/Adobe AIR.framework

Which is signed as the response when I codesign it - signed bundle with Mach-0 thin (x86_64) [com.adobe.AIR]

Is there something else that requires signing in framework?

Hi, just to make this simple, I created a new app (same name, same app.xml) but it only has a button and a single text field - nothing else. Using adt and my self signed cert, I created the App.app on a mac, which compiles and runs the app as it should. Next I do the following:

codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR_64\ Helper

- signed Mach-0 thin (x86_64) [Adobe AIR_64 Helper]

codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR_64

- signed Mach-0 thin (x86_64) [Adobe AIR_64

]

codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR

- signed bundle with Mach-0 thin (x86_64) [com.adobe.AIR]]

codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/MacOS/App

- signed bundle with Mach-0 thin (x86_64) [com.app.APP]]

codesign -f -v -s “Developer ID Application: Developer" APP.app

- replacing existing signature

- signed bundle with Mach-0 thin (x86_64) [com.app.APP]]

then if I run:

spctl -a -v App.app,

- App.app: nested code is modified or invalid.

It seems that the signing is working, but the resultant app is not correctly or completely signed. I am wondering if when I use the adt command I should sign with the apple developer cert?

Thanks.

Hi ,

I tried signing the app with distribution certificates and found no problem while signing. The app worked fine and even after putting it in dmg it worked fine in same computer as well as different computer.

We would need your sample app for further investigation, please log a bug her  Home and attach your sample app.

Has anyone had any success in signing mac air sdk23/24 apps using the Apple Distribution ID certs and the above method?