Code Icon Java Application for OS X Gatekeeper

Question

Code Icon Java Application for OS X Gatekeeper

I am trying to distribute a Java application to users of OS X. I am not using a Mac store — it must be distributed through my own website. No matter what I try, OS X Gatekeeper rejects the application.

Here is my method:

(1) Build the application as usual, get the JAR file

(2) Use appbundleras described here: https://docs.oracle.com/javase/7/docs/technotes/guides/jweb/packagingAppsForMac.html . This creates an .app around my JAR, which works well and contains the JVM in the directory MyApp.app/Contents/PlugIns.

(3) Log in to the application with my developer certificate:

codesign -s 'Developer ID Application: MyCompany Ltd' --deep MyApp.app

... process completed successfully

(4) Make sure that .app will adhere to Gatekeeper's Iron-Fist laws:

spctl --assess --verbose=4 --type execute MyApp.app

... and the result I will return:

MyApp.app: a sealed resource is missing or invalid

! ? ?

SO/Google " ...", ( ) --force ( , ).

+4

java code-signing macos osx-gatekeeper app-bundle

HughHughTeotl 14 . '14 20:36

1

whiskeyspider · Accepted Answer · 2014-11-14T20:45:26+0000

--deep. , JRE, . Apple:

: -deep . ( Xcode ). --deep .

. . Ant script:

<!-- code sign -->
<exec executable="chmod">
    <arg line="a+w ${build.dir}/Mac/MyApp.app/Contents/PlugIns/jre"/>
</exec>

<apply executable="codesign"> <!-- note: this loops through the contents of dir -->
    <arg line="-f -s 'Developer ID Application: My Organization'"/>
    <fileset dir="${build.dir}/Mac/MyApp.app/Contents/PlugIns/jre" />
</apply>

<exec executable="codesign" dir="${build.dir}/Mac"> 
    <arg line="-f -s 'Developer ID Application: My Organization' MyApp.app/Contents/PlugIns/jre"/>
</exec>

<exec executable="codesign" dir="${build.dir}/Mac"> 
    <arg line="-f -s 'Developer ID Application: My Organization' MyApp.app/Contents/PlugIns/jre/Contents/_CodeSignature/CodeResources"/>
</exec>

<!-- also codesign anything else in _CodeSignature (see comments) -->

<exec executable="codesign" dir="${build.dir}/Mac">
    <arg line="-f -s 'Developer ID Application: My Organization' MyApp.app"/>
</exec>


<!-- verify codesign -->
<exec executable="codesign" dir="${build.dir}/Mac" failonerror="true">
    <arg line="-vv MyApp.app"/>
</exec>


<!-- verify gatekeeper -->
<exec executable="spctl" dir="${build.dir}/Mac" failonerror="true">
    <arg line="-vv --assess --type execute MyApp.app"/>
</exec>

, , - zip , . productbuild, PackageMaker, xip dmg.

Code Icon Java Application for OS X Gatekeeper

More articles: