Notarize/Sign Swift , ObjC and even Xojo Apps

its not quite done yet, but soon I will have a drag-n-drop app the will sign and notarize most compiled apps on macOS.

It does require you have a valid Apple Dev Certificate

You simply compile your app (including Xojo) and drag it into the Notary App.

It then asks a few questions (and stores the answers in Keychain for future use)

It then signs the code (including adding a secure timestamp)
Notarizes the code
Staples it
and if specified creates the selected output type

3 Likes

Sounds really nice. Would like to test it with Java Programs

Well it seem to successfully take a compiled app (tested with Swift and Xojo (19r1.1))
and it produced a code-signed and notarized output

  • App
  • Zip file
  • DMG file
  • PKG file [this is signed with a different cert than the others for some reason]

the DMG is no frills, but works fine :slight_smile:

Now to make the UI part of this app look better, too utilitarian

If you want I can try it with Java written applications. Also I would appreciate to do UI tests if needed / wanted.

I’d be curious to see if it worked on .Net apps. I assume it only works on a Mac (that is, you can’t cross-notarize from Windows or Linux?)

I guess this will be so as I know he is programming in swift with swift UI. Why should he get a tool out for Windows or Linux? Anyhow you need to test your Software and your installer under the platform you want to notarize for. So I giess you will need at least one machine with the os platform, isn’t it so?

I have all the “logic” working it seems, now to add some more robust error checking and a pretty UI

You are aware this is now easily done in Xojo 2024r4? Even Appwrapper is not needed anymore.

1 Like

Hahaha that was good. No, not working under all circumstances.

1 Like

Intresting. Which circumstances?

a) not all of us here (especially me) use or care to use Xojo
b) I doubt the Xojo implementation works well, and I doubt it works at all for non Xojo apps

@thorstenstueker : Just Swift, not SwiftUI :slight_smile:

1 Like

I put 2024r4 away since it cant / wont compile my clients android project for reasons I do not understand

My bug report about it wth fill source code hasten even been looked at yet

Works fine for my needs. Even helpers are signed correctly.
I used Appwrapper but now can do both codesigning and notarising in Xojo. Which is handy.

But yes, only for Xojo apps. It’s just part of the build steps.

2 Likes

Ok… confused… When notarizing an app, you need a “app specific password”, Ok. I know how to get one, but other that during the notarization process, is it ever needed again?

Re-Notarization : If you need to submit a new version or update the app for notarization, you’ll need to provide the app-specific password again at that time.

yea, i’m wrapping non-xojo stuff so thats not helpful, and xojo is expensive. :smiley:

Hundrets of them. Try with Plugins. Try to get into the Appstore with it. You may become red headed steam machine within.

I realize that, the question was, AFTER it has been notorized… if not, then why bother having one?

I mean, what is the danger if someone were to determine that PW?

The app-specific password is for your app.

So your app notarizes, and does stuff, and notarizes multiple apps, etc.

You don’t create a new password for each app you are notarizing.

The danger if someone were to determine the password is that the permissions for that app specific password will be available to anyone with that password. Keeping it in the mac’s keychain as you seem to be is a good idea.

Xojo wont sign iOS apps here :slight_smile: