How to distribute DEXT during development and to the public

First, I referred the "Configure the Sample Code Project" section in the README.md and configured the sample code project to build with automatic signing. I could run the app and activate the dext successfully and made sure the app could communicate with the dext.

Great! That's how development signing is intended to work.

Next, I tried the manual signing. I followed steps described in the "Configure the Sample Code Project" section carefully.

Manually code-signing for what purpose/environment? If you're trying to manually sign for development, my advice is "don't bother". While it is technically possible, it's a pain to set up, will break frequently, and doesn't provide any real benefit.

If you're signing for any other environment, including:

I would also like to know detailed steps to publicly distribute my dext and app using our Developer ID Application Certificate

My description of the basic flow is here. In a different thread, I also posted a detailed write up on how the different configuration points relate and a practical example of how to validate that configuration .

I could build both app and dext and could run the app. However, when I clicked the "Install Dext" button to activate the dext, I got the following error:

sysex didFailWithError: extension category returned error

SO, a few different things here:

• Please file a bug on this and post the bug number back here. We really need to provide better diagnostic data about what's actually failing.

• Checking an easy detail, is the app in "/Applications/"? That's where DEXT need to be for a "proper" installation, but that requirement can be bypassed based on the machine configuration and/or signing configuration.

• Go through the validation process I mentioned above to make sure you're codesign configuration is correct.

• If you at look at the console log, sysextd and (possibly) kextd will both log during the validation process and those log should provide more details about whatever failed.

__
Kevin Elliott
DTS Engineer, CoreOS/Hardware

Thank you for your response.

Manually code-signing for what purpose/environment?

During the development phase, I would like to share my build with other developers for testing purposes.

I carefully read the threads you shared, and successfully created the archive for direct distribution. And now, I am working on my actual project.

sysex didFailWithError: extension category returned error

With regard to this issue, I confirmed that this error occurs when the bundle ID length is longer than 64 characters. Are there any such limitation?

With regard to this issue, I confirmed that this error occurs when the bundle ID length is longer than 64 characters. Are there any such limitation?

Yes. More specifically, because of how DEXTs are integrated into the kernel, they end up inheriting limitation/restrictions that the kernel implements but the larger system does not. As another example, many Xcode project use CFBundleVersion for an incrementing build number but the kernel actually enforces it's own fairly rigid format which the kextload system then enforces on DEXTs.

__
Kevin Elliott
DTS Engineer, CoreOS/Hardware

Thank you Kevin for additional information. I will be careful for numbering the versions.

And now, I am working on my actual project.

I was able to create a package for distribution with our Developer ID certificate and confirmed that it works on multiple Macs with SIP enabled.

I have another question.

Is there a way to sign bundle files built with a debug configuration with a Apple Development certificate and share them with multiple developers in our team?

As you advised, manually code-signing seems not work as I expected, I am wondering how to evaluate and debug a dext and related modules during the development phase.