Copy link to clipboard
Copied
I am trying to code sign my air for mac app (sdk 23/24) and have researched and found several threads, none of which appear to work. This is for general distribution, not for the Mac Store. I have tried the following:
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/Adobe\ AIR.vch
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/adobecp.plugin
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/adobecp.vch
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/AdobeCP15.plugin
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/WebKit.dylib
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/Flash\ Player.plugin
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/AdobeCP15.plugin
which all seems to work, followed by:
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR_64\ Helper
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR_64
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/MacOS/App
codesign -f -v -s “Developer ID Application: Developer" APP.app
which all seems to work, indicating each step is signed.
If I start the signed App.app directly (double click) it opens and runs no problems. However if I put it into a dmg, take the dmg and put it on a server, download back onto the same computer, mount the dmg and try to run App.app, it says it is damaged and should be put in the trash. I have done this several times.
On the signed App.app, when I run spctl -a App.app, I get: App.app: nested code is modified or invalid.
I have also tried the above without the initial rm commands, leaving the bundle intact prior to signing, and just using the 5 codesign commands - get the same results: nested code is modified or invalid. Note that I first compile the app using a self signed certificate, then apply the above to the resultant app.
Any help appreciated, I must be missing a step somewhere?
Hi ,
Please try these steps:
Delete following from your app:
App>Contents>Frameworks>Adobe AIR.framework>Versions>1.0> Adobe AIR_64 Helper
App>Contents>Frameworks>Adobe AIR.framework>Versions>1.0> Resources>Adobe AIR.vch
App>Contents>Frameworks>Adobe AIR.framework>Versions>1.0> Resources>ExtendedAppEntryTemplate64
App>Contents>Frameworks>Adobe AIR.framework>Versions>1.0> Resources>Flash Player.plugin
App>Contents>Frameworks>Adobe AIR.framework>Versions>1.0> Resources>WebKit.dyl
...Copy link to clipboard
Copied
Has anyone had any success in signing mac air sdk23/24 apps using the Apple Distribution ID certs and the above method?
Copy link to clipboard
Copied
Hi ,
I tried signing the app with distribution certificates and found no problem while signing. The app worked fine and even after putting it in dmg it worked fine in same computer as well as different computer.
We would need your sample app for further investigation, please log a bug her Home and attach your sample app.
Copy link to clipboard
Copied
Hi, just to make this simple, I created a new app (same name, same app.xml) but it only has a button and a single text field - nothing else. Using adt and my self signed cert, I created the App.app on a mac, which compiles and runs the app as it should. Next I do the following:
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR_64\ Helper
- signed Mach-0 thin (x86_64) [Adobe AIR_64 Helper]
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR_64
- signed Mach-0 thin (x86_64) [Adobe AIR_64
]
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR
- signed bundle with Mach-0 thin (x86_64) [com.adobe.AIR]]
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/MacOS/App
- signed bundle with Mach-0 thin (x86_64) [com.app.APP]]
codesign -f -v -s “Developer ID Application: Developer" APP.app
- replacing existing signature
- signed bundle with Mach-0 thin (x86_64) [com.app.APP]]
then if I run:
spctl -a -v App.app,
- App.app: nested code is modified or invalid.
It seems that the signing is working, but the resultant app is not correctly or completely signed. I am wondering if when I use the adt command I should sign with the apple developer cert?
Thanks.
Copy link to clipboard
Copied
I have retried using the following, still doesn't work by at least it tells me the issue:
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/Adobe\ AIR.vch
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/adobecp.plugin
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/adobecp.vch
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/AdobeCP15.plugin
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/WebKit.dylib
rm -rf APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/1.0/Resources/Flash\ Player.plugin
which all seems to work, followed by:
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR_64\ Helper
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR_64
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Resources/ExtendedAppentryTemplate64
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/MacOS/App
codesign -f -v -s “Developer ID Application: Developer" APP.app
Then, if I run codesign -vvv App.app it says:
App.app: nested code is modified or invalid
File modified.. /App.app/Contents/frameworks/Adobe AIR.framework
Which is signed as the response when I codesign it - signed bundle with Mach-0 thin (x86_64) [com.adobe.AIR]
Is there something else that requires signing in framework?
Copy link to clipboard
Copied
Nitanwar, I am still unable to sign my mac app (see last post above) it claims it is related to the frameworks? Can you share the steps you have taken to successfully sign an app for general distribution? What you removed (if any), and what you signed? Thanks.
Copy link to clipboard
Copied
Hi ,
Please try these steps:
Delete following from your app:
App>Contents>Frameworks>Adobe AIR.framework>Versions>1.0> Adobe AIR_64 Helper
App>Contents>Frameworks>Adobe AIR.framework>Versions>1.0> Resources>Adobe AIR.vch
App>Contents>Frameworks>Adobe AIR.framework>Versions>1.0> Resources>ExtendedAppEntryTemplate64
App>Contents>Frameworks>Adobe AIR.framework>Versions>1.0> Resources>Flash Player.plugin
App>Contents>Frameworks>Adobe AIR.framework>Versions>1.0> Resources>WebKit.dylib
Sign the app:
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR_64
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/Versions/Current/Adobe\ AIR
codesign -f -v -s “Developer ID Application: Developer" APP.app/Contents/Frameworks/Adobe\ AIR.framework/
codesign -f -v -s “Developer ID Application: Developer" APP.app
Please verify if these steps help.
-Vivek
Copy link to clipboard
Copied
Hi Vivek, thanks so much, I followed the instructions (removing the 5 files, signing the 4 files) and it worked on 2 apps I tested!
I did experience a bit of an odd error the first couple of times I tried the above, the resultant signed file said it was not trusted - I researched the error and discovered it was certificate related (although I had not changed the certs since I had originally installed them). I actually deleted the specific certs from the keychain, then re-installed them (the 2 Apple authority and my own Developer ID certs) and made sure they were all set to Use System Defaults in their trust properties. I noticed that one of the certs was not set to Use System Defaults before I deleted it, which I have no idea how that setting changed (maybe when I upgraded OSX). In my case, I had to make sure they were all fresh installed and all set to Use System Defaults in the Trust settings.
Thanks again.