macos: electron app 打包/证书/签名/公正/Notarization 的过程
打包证书等问题
重要资源网站
很多
apple的证书会需要在这里更新。
证书配置
很重要的一点:证书这里要用“系统默认”,如果出现红色,说明 有其它的 apple 证书需要安装,安装完成之后,会自动变绿的。
- 下载
签名
codesign --deep --force --verbose --sign "Apple Distribution: ALO7 HK Limited (WJFKG4XLTJ)" al7-not-ok.app
codesign --deep --force --verbose --options runtime --entitlements entitlements.mac.plist --sign "Apple Distribution: ALO7 HK Limited (WJFKG4XLTJ)" al7-not-ok.app
# 这个失败了
$ codesign --deep --force --verbose --sign "Apple Distribution: ALO7 HK Limited (WJFKG4XLTJ)" al7-not-ok.app
# 下面这个会成功的 -> Developer ID Application: ALO7 HK Limited (WJFKG4XLTJ)[记得用这一个]
$ codesign --deep --force --verbose --options runtime --sign "Developer ID Application: ALO7 HK Limited (WJFKG4XLTJ)" al7-not-ok.app
al7-not-ok.app: replacing existing signature
al7-not-ok.app: signed app bundle with Mach-O thin (x86_64) [com.alo7.onlineclassroom.Student]❯ p xcrun notarytool submit al7-not-ok.zip --apple-id "$APPLEID" --team-id "WJFKG4XLTJ" --password "$APPLEIDPASS" --wait
Conducting pre-submission checks for al7-not-ok.zip and initiating connection to the Apple notary service...
Submission ID received
id: 607a05ee-6e65-4e60-aeef-8ddc517b5d14
Upload progress: 100.00% (156 MB of 156 MB)
Successfully uploaded file
id: 607a05ee-6e65-4e60-aeef-8ddc517b5d14
path: /Users/ap7/Downloads/al7-not-ok.zip
Waiting for processing to complete.
Current status: Accepted...............
Processing complete
id: 607a05ee-6e65-4e60-aeef-8ddc517b5d14
status: Accepted~/Downloads via 🐹 v1.24.1 via 🐠 v20.17.0 via 🐍 v3.10.0
$ p xcrun notarytool log 607a05ee-6e65-4e60-aeef-8ddc517b5d14 --apple-id "$APPLEID" --team-id "WJFKG4XLTJ" --password "$APPLEIDPASS"
{
"logFormatVersion": 1,
"jobId": "607a05ee-6e65-4e60-aeef-8ddc517b5d14",
"status": "Accepted",
"statusSummary": "Ready for distribution",
"statusCode": 0,
"archiveFilename": "al7-not-ok.zip",
$ xcrun stapler staple al7-not-ok.app
Processing: /Users/ap7/Downloads/al7-not-ok.app
Processing: /Users/ap7/Downloads/al7-not-ok.app
The staple and validate action worked!
~/Downloads via 🐹 v1.24.1 via 🐠 v20.17.0 via 🐍 v3.10.0 took 2s
$ spctl -a -v al7-not-ok.app
al7-not-ok.app: accepted
source=Notarized Developer ID总结
📌 重点总结
确保 Notary 通过 → xcrun notarytool log <submission-id>
执行 stapler 附加票据 → xcrun stapler staple al7-not-ok.app
清除 quarantine 限制 → xattr -d com.apple.quarantine al7-not-ok.app
使用 spctl 检查状态 → spctl -a -v al7-not-ok.app
如果仍然打不开,贴上新的 notarytool log,我继续帮你分析!公正
// zip -r al7-not-ok.zip al7-not-ok.app
# 用这一个打 zip 包
$ ditto -c -k --keepParent al7-not-ok.app al7-not-ok.zip
$ p xcrun notarytool submit al7-not-ok.zip --apple-id "$APPLEID" --team-id "WJFKG4XLTJ" --password "$APPLEIDPASS" --wait
Conducting pre-submission checks for al7-not-ok.zip and initiating connection to the Apple notary service...
Submission ID received
id: 34d9a174-ab8d-4b61-8e03-3f6851a10162
Upload progress: 100.00% (328 MB of 328 MB)
Successfully uploaded file
id: 34d9a174-ab8d-4b61-8e03-3f6851a10162
path: /Users/ap7/Downloads/al7-not-ok.zip
Waiting for processing to complete.
Current status: Invalid................
Processing complete
id: 34d9a174-ab8d-4b61-8e03-3f6851a10162
status: Invalid查询原因
$ xcrun notarytool log d12cd121-eebd-4988-8024-297520b8f975 --apple-id "$APPLEID" --team-id "WJFKG4XLTJ" --password "$APPLEIDPASS"
{
"logFormatVersion": 1,
"jobId": "d12cd121-eebd-4988-8024-297520b8f975",
"status": "Invalid",
"statusSummary": "Archive contains critical validation errors",
"statusCode": 4000,
"archiveFilename": "al7-not-ok.zip",
"uploadDate": "2025-03-22T12:15:31.018Z",
"sha256": "0cf274bc40094e6429d44ccb7cc76a5186ffa3bb426dcfc5847f83e0c3d919d2",
"ticketContents": null,
"issues": [
{
"severity": "error",
"code": null,
"path": "al7-not-ok.zip",
"message": "Package al7-not-ok.zip has no signed executables or bundles. No tickets can be generated.",
"docUrl": null,
"architecture": null
},
{
"severity": "warning",
"code": null,
"path": "al7-not-ok.zip",
"message": "The archive at al7-not-ok.zip could not be unpacked. Any executables contained in the archive will not be notarized.",
"docUrl": null,
"architecture": null
}
]
}成功的
$ p xcrun notarytool submit al7-ok.zip --apple-id "$APPLEID" --team-id "WJFKG4XLTJ" --password "$APPLEIDPASS" --wait
Conducting pre-submission checks for al7-ok.zip and initiating connection to the Apple notary service...
Submission ID received
id: 74455e61-84df-4e9e-85d4-ec2d8c825dd2
Successfully uploaded file(152 MB of 152 MB)
id: 74455e61-84df-4e9e-85d4-ec2d8c825dd2
path: /Users/aric/Downloads/al7-ok.zip
Waiting for processing to complete.
Current status: Accepted...............
Processing complete
id: 74455e61-84df-4e9e-85d4-ec2d8c825dd2
status: Accepted完整的过程
- 但发布给用户或团队内部使用时,必须走
- codesign + notarization + stapler 的流程,这是唯一官方认可的方式。
# 1. 添加签名
codesign --deep --force --verbose --options runtime --sign "Developer ID Application: ALO7 HK Limited (WJFKG4XLTJ)" 爱乐奇.app
爱乐奇.app: replacing existing signature
爱乐奇.app: signed app bundle with Mach-O thin (x86_64) [com.alo7.onlineclassroom.Student]
# 2. 用这一个打 zip 包
ditto -c -k --keepParent 爱乐奇.app 爱乐奇.zip
# 3. 公正 Notarization - 进行中
$ p xcrun notarytool submit 爱乐奇.zip --apple-id "$APPLEID" --team-id "WJFKG4XLTJ" --password "$APPLEIDPASS" --wait
Conducting pre-submission checks for 爱乐奇.zip and initiating connection to the Apple notary service...
Submission ID received
id: 85e46495-8eea-4f10-80f9-eb6c5af923c7
Upload progress: 38.49% (59.9 MB of 156 MB)
# 3.1 公正完成,并且通过
$ p xcrun notarytool submit 爱乐奇.zip --apple-id "$APPLEID" --team-id "WJFKG4XLTJ" --password "$APPLEIDPASS" --wait
Conducting pre-submission checks for 爱乐奇.zip and initiating connection to the Apple notary service...
Submission ID received
id: 85e46495-8eea-4f10-80f9-eb6c5af923c7
Upload progress: 100.00% (156 MB of 156 MB)
Successfully uploaded file
id: 85e46495-8eea-4f10-80f9-eb6c5af923c7
path: /Users/ap7/Downloads/爱乐奇.zip
Waiting for processing to complete.
Current status: Accepted...............
Processing complete
id: 85e46495-8eea-4f10-80f9-eb6c5af923c7
status: Accepted
# 4. 执行 stapler 附加票据 →
xcrun stapler staple 爱乐奇.app
# 5. 使用 spctl 检查状态 →
spctl -a -v 爱乐奇.app
$ spctl -a -v 爱乐奇.app
爱乐奇.app: accepted
source=Notarized Developer ID
# 6. 查看完整信息
codesign -dvvv 爱乐奇.app
# 7. xattr 爱乐奇.app
com.apple.macl
com.apple.provenance
com.apple.quarantine
> 如果输出包含 com.apple.quarantine,说明 macOS 仍然认为这个 app 需要额外检查。
xcrun notarytool history --apple-id "$APPLEID" --team-id "WJFKG4XLTJ" --password "$APPLEIDPASS"
# 清除 quarantine 限制 → xattr -d com.apple.quarantine al7-not-ok.app查看一下历史
$ xcrun notarytool history --apple-id "$APPLEID" --team-id "WJFKG4XLTJ" --password "$APPLEIDPASS"
Successfully received submission history.
history
--------------------------------------------------
createdDate: 2025-03-22T14:37:38.622Z
id: 85e46495-8eea-4f10-80f9-eb6c5af923c7
name: 爱乐奇.zip
status: Accepted
--------------------------------------------------
createdDate: 2025-03-22T14:04:37.473Z
id: 607a05ee-6e65-4e60-aeef-8ddc517b5d14
name: al7-not-ok.zip
status: Accepted
--------------------------------------------------
createdDate: 2025-03-22T14:04:15.229Z
id: 25af1abd-6438-4b61-93c9-630655ad3ff2
name: al7-not-ok.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-03-22T14:03:47.554Z
id: bf247a31-7c20-4d7e-9e31-02a3ee9b8b7d
name: al7-not-ok.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-03-22T14:03:11.217Z
id: 33e57a5f-b5ba-448e-9589-85aa55dd0297
name: al7-not-ok.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-03-22T14:00:47.619Z
id: c225ad55-d0de-4991-86e1-94ac552e396a
name: al7-not-ok.zip
status: In Progress
--------------------------------------------------
createdDate: 2025-03-22T13:28:05.297Z
id: 15147186-226e-415a-8db1-a2470fe2db0d
name: al7-not-ok.zip
status: Invalid
--------------------------------------------------
createdDate: 2025-03-22T13:23:22.526Z
id: 38c13c12-4b61-43cf-8349-cc573779d2ce
name: al7-ok.zip
status: Accepted
--------------------------------------------------
createdDate: 2025-03-22T13:10:42.235Z
id: 74455e61-84df-4e9e-85d4-ec2d8c825dd2
name: al7-ok.zip
status: Accepted
--------------------------------------------------
createdDate: 2025-03-22T13:04:59.267Z
id: 51bc603c-c822-4c74-bc34-2dbf8167e979
name: al7-not-ok.zip
status: Invalid
--------------------------------------------------
createdDate: 2025-03-22T12:53:30.518Z
id: 0725d87a-007d-4899-b422-16e545a2654b
name: al7-not-ok.zip
status: Invalid
--------------------------------------------------
createdDate: 2025-03-22T12:28:49.041Z
id: 591e6b20-359f-46ae-aa1d-ee13bd8c8407
name: al7-not-ok.zip
status: Invalid
--------------------------------------------------
createdDate: 2025-03-22T12:12:51.911Z
id: d12cd121-eebd-4988-8024-297520b8f975
name: al7-not-ok.zip
status: Invalid
--------------------------------------------------
createdDate: 2025-03-22T11:58:50.577Z
id: 34d9a174-ab8d-4b61-8e03-3f6851a10162
name: al7-not-ok.zip
status: Invalid
--------------------------------------------------
createdDate: 2025-03-22T10:56:57.213Z
id: b70afe28-337f-4418-a5f7-e7cb9c89a41e
name: al7-not-ok.zip
status: Invalid
--------------------------------------------------
createdDate: 2025-03-21T14:23:20.986Z
id: e1c294c1-6a9b-469b-898a-1e5590e60eb9
name: 爱乐奇.zip
status: Invalid
--------------------------------------------------
createdDate: 2025-03-21T14:08:07.316Z
id: abb7300d-9587-4773-ad13-986c126256cb
name: 爱乐奇.zip
status: Invalid查看子组件是否都已经签名
codesign -vvv --deep --strict 爱乐奇.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zAutoUpdate.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zAutoUpdate.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zSDKRes.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/protobuf.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/protobuf.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/viper.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/viper.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/爱乐奇 Helper.app
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/爱乐奇 Helper.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/curl64.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/curl64.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zSDKRes.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zChatApp.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zChatApp.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ZoomSDKChatUI.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/viperex.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/viperex.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ZoomSDKChatUI.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/annoter.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ReactiveCocoa.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zmLoader.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zmLoader.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zVideoApp.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/annoter.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/Squirrel.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zVideoApp.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ZCommonUI.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/Squirrel.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ReactiveCocoa.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zWebService.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ZCommonUI.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zWebService.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/libssl.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/libssl.dylib
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zmb.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zmb.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/util.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/faac.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/Mantle.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/util.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/faac.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/asproxy.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/Mantle.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/cmmlib.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/asproxy.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/cmmlib.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zlt.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zlt.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/SDK_Transcode.app
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/SDK_Transcode.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/CptHost.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/libcrypto.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/libcrypto.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/CptHost.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/xmpp_framework.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/xmpp_framework.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/nydus.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/nydus.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/capHost.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/tp.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/capHost.app
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/tp.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ZoomSDKVideoUI.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ZoomSDK.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zData.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ssb_sdk.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle/Contents/Frameworks/libswresample.3.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle/Contents/Frameworks/libswresample.3.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ssb_sdk.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/zData.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ZoomSDKVideoUI.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle/Contents/Frameworks/libswscale.5.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle/Contents/Frameworks/libswscale.5.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ZoomSDK.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle/Contents/Frameworks/libavformat.58.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle/Contents/Frameworks/libavformat.58.dylib
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/aomhost.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/aomagent.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/aomagent.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mcm.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle/Contents/Frameworks/libavutil.56.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle/Contents/Frameworks/libavutil.56.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mcm.bundle
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/aomhost.app/Contents/Frameworks/libmklFramework.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle/Contents/Frameworks/libavcodec.58.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle/Contents/Frameworks/libavcodec.58.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app/Contents/Frameworks/zmp.bundle
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/mphost.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/airhost.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/airhost.app/Contents/Frameworks/libavformat.58.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/airhost.app/Contents/Frameworks/libavformat.58.dylib
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/airhost.app/Contents/Frameworks/libswscale.5.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/airhost.app/Contents/Frameworks/libswscale.5.dylib
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ZegoLiveRoomOSX.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/airhost.app/Contents/Frameworks/libavutil.56.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/airhost.app/Contents/Frameworks/libavutil.56.dylib
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/aomhost.app/Contents/Frameworks/libmklFramework.framework/Versions/Current/Frameworks/libmkldnn.0.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/aomhost.app/Contents/Frameworks/libmklFramework.framework/Versions/Current/Frameworks/libmkldnn.0.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/aomhost.app/Contents/Frameworks/libmklFramework.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/ZegoLiveRoomOSX.framework/Versions/Current/.
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/airhost.app/Contents/Frameworks/libavcodec.58.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/airhost.app/Contents/Frameworks/libavcodec.58.dylib
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/airhost.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/aomhost.app/Contents/Frameworks/libcmlFramework.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/aomhost.app/Contents/Frameworks/libcmlFramework.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/aomhost.app
--prepared:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/Electron Framework.framework/Versions/Current/.
--validated:/Users/ap7/Downloads/爱乐奇.app/Contents/Frameworks/Electron Framework.framework/Versions/Current/.
爱乐奇.app: valid on disk
爱乐奇.app: satisfies its Designated Requirement证书过多
- 清理无用的证书,否则有可能出现 TeamIdentifier=not set
--(~)----------------------------------------------------------------------------------------------------------------------------------------------------------------------(fox@macmini:s001)--
--(13:21:50)--> security find-identity -v -p codesigning --(Thu,Apr17)--
1) 3A76166D1315B13480B2B5B8926A46CCA0B39926 "Developer ID Application: ALO7 HK Limited (WJFKG4XLTJ)"
2) 3A76166D1315B13480B2B5B8926A46CCA0B39926 "Developer ID Application: ALO7 HK Limited (WJFKG4XLTJ)"
3) AC23B69DCB60AA352BC100D2DA5D538C583860DE "Apple Distribution: ALO7 HK Limited (WJFKG4XLTJ)"
4) 3A76166D1315B13480B2B5B8926A46CCA0B39926 "Developer ID Application: ALO7 HK Limited (WJFKG4XLTJ)"
5) 3A76166D1315B13480B2B5B8926A46CCA0B39926 "Developer ID Application: ALO7 HK Limited (WJFKG4XLTJ)"
5 valid identities found
# 找到大概的位置,并手动清理
security find-certificate -a -c "Developer ID Application" -Zelectron-config 实时配置有问题
"extendInfo": {
"ElectronTeamID": "WJFKG4XLTJ",
...
}- 这个字段只会注入到 Info.plist 中,并不会影响签名的真实 TeamIdentifier。
- 真正影响的是:签名时 macOS 能否从你的证书里提取出 Team ID。
{
"appId": "com.alo7.onlineclassroom.Student",
"copyright": "Copyright © 2018-2021 Alo7 Inc.",
"asar": true,
"asarUnpack": [
"**/node_modules/raw-socket/**/*"
],
"onNodeModuleFile": "./onNodeModuleFile.js",
"mac": {
"identity": "ALO7 HK Limited (WJFKG4XLTJ)",
"hardenedRuntime": true,
"entitlements": "entitlements.mac.plist",
"entitlementsInherit": "entitlements.mac.plist",
"gatekeeperAssess": false,
"category": "public.app-category.productivity",
"extendInfo": {
"CFBundleURLTypes": [
{
"CFBundleURLSchemes": [
"aocd"
]
},
{
"CFBundleURLName": "Aoc Desktop Protocol"
}
],
"ElectronTeamID": "WJFKG4XLTJ",
"NSMicrophoneUsageDescription": "为保证正常上课,请允许本程序访问您的麦克风",
"NSCameraUsageDescription": "为保证正常上课,请允许本程序访问您的摄像头"
},
"icon": "build/student/institution/aoc/icon.png",
"target": [
"dmg",
"zip"
],
"electronLanguages": [
"zh_CN"
]
},
"pkg": {
"installLocation": "/Applications",
"allowAnywhere": false,
"allowCurrentUserHome": false
},
"dmg": {
"contents": [
{
"x": 130,
"y": 220
},
{
"x": 410,
"y": 220,
"type": "link",
"path": "/Applications"
}
],
"window": {
"width": 540,
"height": 420
},
"artifactName": "AOCStudent-${version}.${ext}",
"background": "build/student/institution/aoc/background.png"
},
"win": {
"target": [
{
"target": "nsis",
"arch": [
"ia32"
]
}
],
"certificateFile": "win_cert.pfx",
"certificatePassword": "Z6eX7WjUwi2cVkVhiTmQ",
"verifyUpdateCodeSignature": false
},
"nsis": {
"oneClick": false,
"perMachine": true,
"createDesktopShortcut": true,
"createStartMenuShortcut": true,
"allowToChangeInstallationDirectory": true
},
"directories": {
"output": "release/aoc/student",
"buildResources": "build/institution/aoc"
},
"publish": {
"provider": "generic",
"url": "http://127.0.0.1"
},
"afterSign": "/Users/fox/builds/VhrfB7JU/0/kejian/aoc-desktop/packages/aoc-app/internals/scripts/Notarize.js",
"extraResources": [
{
"from": "static",
"to": "static",
"filter": [
"!tools/*",
"!**/zoom/win32/*",
"!**/zoom/mac/Plugins/*",
"!**/zoom/mac/Resources/*",
"!**/zoom/mac/ZoomSDK/*",
"!**/zego/ZegoLiveRoomOSX.framework",
"!**/vsc/*"
]
},
{
"from": "static/zoom/mac/Resources/",
"to": "./"
}
],
"extraFiles": [
{
"from": "static/zoom/mac/Plugins",
"to": "Plugins"
},
{
"from": "static/zoom/mac/ZoomSDK",
"to": "Frameworks"
},
{
"from": "vendor/zego/mac",
"to": "Frameworks",
"filter": [
"!*.node",
"!*.js",
"!*.json",
"!*.dylib",
"!*.md"
]
}
],
"productName": "爱乐奇"
}最终打开效果
- mac m2: 还是无法打开 “爱乐奇-passed” can’t be opened because Apple cannot check it for malicious software.
- mac 老款的: “爱乐奇-passed” is an app sent over AirDrop. Are you sure you want to open it? 可以正常打开了
几种场景
| 原文 | 场景(截图/备注) |
|---|---|
| 要求移到垃圾筒 |  |
|  |
| 评为可疑软件 |  |
| 这种是正常的,因为没有走 appstore 分发 |  |
一个 Python 的实现