g-mon
January 14, 2020, 9:16pm
#1
{
"logFormatVersion": 1,
"jobId": "c7f0230e-a710-4f4e-a747-6d124a3382e5",
"status": "Invalid",
"statusSummary": "Archive contains critical validation errors",
"statusCode": 4000,
"archiveFilename": "Demo.zip",
"uploadDate": "2020-01-14T21:12:23Z",
"sha256": "e39a08f2643058cbefeed03d7b85d871ea5665d0f1eb62e1ff0e1ba61e8c50d9",
"ticketContents": null,
"issues": [
{
"severity": "error",
"code": null,
"path": "Demo.zip/Demo.app/Contents/MacOS/Demo",
"message": "The executable does not have the hardened runtime enabled.",
"docUrl": null,
"architecture": "x86_64"
}
]
}
I have hardened runtime enabled in ProJucer, but I still get the following error from Apple. Any ideas why?
Which version of Xcode are you using?
Rail
g-mon
January 14, 2020, 10:43pm
#4
Figured it out. It’s not enough to just enable hardened runtime in ProJucer since I sign afterwards. I need to add --option=runtime to my sign step.
My sign step is now codesign --force -s "$DEV_APP_ID" -v "Demo.app" --deep --strict --options=runtime and it works.
10 Likes
Many thanks Mon! Saved me some wasted time. Also it’s prob a good idea to add in the --timestamp flag as well.
Yeah, it can’t hurt, the docs say that without that argument it will default to whatever the system has been set to (which is by default to use the timestamp server afaict), but being explicit is probably a good idea since notarisation will fail if the timestamp server isn’t used.
1 Like
Quick question… is there a way to add that --timestamp flag in the Projucer project settings? I see ‘Other Code Signing Flags’ in Xcode but not in Projucer (5.4.7. Not updated to JUCE 6 yet).
DaveH
August 5, 2020, 8:33am
#8
If you click on the Xcode Exporter Release or Debug settings you’ll see ‘Custom Xcode Flags ’, add this so the panel:
OTHER_CODE_SIGN_FLAGS= --options=runtime --timestamp
(this is with Projucer 5.4.7)
2 Likes
Awesome - thanks… I always wondered how to do that.
