Reputation: 842
How to download notarized files from Apple?
I have successfully notarized a plugin via command line for a Mac application i'm developing plugins for. This plugin is intended for distribution outside of Mac appstore.
xcrun altool --notarize-app --primary-bundle-id "com.demo.bundle.id" --username "[email protected]" --password "xxx-x-xxxx-xx" --file Plugin.zip
Got an email that it has been successfully notarized and the email has instructions on how to export for distribution. However, it's an instruction for XCode UI but I did the notarization via command line so the instructions doesn't apply for me. Is there a commandline to download the notarized file(Plugin.zip) or else how do I get the Plugin.zip file from Apple to distribute it on my website?
UPDATE:
Turns out you can notarize a .zip file but you can't staple it. So I decided to create a .pkg to distribute my plugin instead of distributing via a zip file.
Here's the steps I followed to successfully notarize and staple my plugin, lets say my plugin name is FileConvertor.PluginExtension
- Code sign your binaries to be included in your installer.
codesign --sign "Developer ID Application: Developer Name" --verbose=4 --deep --force --strict FileConvertor.PluginExtension - Create your installer (.pkg) adding the above code signed
.PluginExtension - Now sign your installer with the installer certificate.
productsign --sign "Developer ID Installer: Developer Name" ./FileConvertor.pkg ./FileConvertorSigned.pkg - Send the signed installer for notarization
xcrun altool --notarize-app --primary-bundle-id "com.demo.plugin" --username [email protected]" --password "xxxx-xxxx-xxxx-xxxx" --file FileConvertorSigned.pkg - If sucessfully notarized, staple your installer
xcrun stapler staple FileConvertorSigned.pkg - Distribute your installer on the web
Upvotes: 5
Views: 1430
Answers (2)
Reputation: 33
Apple do not return anything from Notarization. Your signed file has a unique ID, in the signature, that Apple have stored. Once notarized, the signed file is accepted if downloaded.
Upvotes: 2
Reputation: 12566
You don't download your plugin.zip from Apple - just work with the same archive you originally uploaded to them. You are the one that actually staples the notarization ticket to whatever you are notarizing.
I haven't tried it myself with a .zip, but this is the process pieced together from the documentation.
Notarizing Your App Before Distribution says:
Notarize Your Preexisting Software
[...]
- Upload your software to the Apple notary service, as described in Upload Your App to the Notarization Service.
You've already done this step.
- Staple the returned ticket to your existing software, as described in Staple the Ticket to Your Distribution.
You have to attach the notarization ticket to whatever you're distributing, so Gatekeeper can find it even without a network connection. Normally you use the stapler tool to do this:
xcrun stapler staple MyApp.app
However, stapler doesn't support zip files. Customizing the Notarization Workflow says:
While you can notarize a ZIP archive, you can’t staple to it directly. Instead, run stapler against each individual item that you originally added to the archive. Then create a new ZIP file containing the stapled items for distribution.
So; expand your .zip and run stapler staple {filename} against each item contained inside. Then create a new .zip archive of the stapled contents.
Upvotes: 3
Related Questions
- Where to find notarytool?
- Issues with codesigning and notarization for Mac M1
- How to upload dmg file for notarization in xcode
- Notarize a .zip file
- Add a checksum file to my macOS notarised app bundle
- How to codesign and notarize an Os X app?
- How do I verify that a macOS pkg is notarized
- MacOS notarization on command line returning 'unsupported url' when getting status
- OSX Notarize for executables (not an app)
- Why does my macOS notarization example not work?