jpackage ******* on codesign/libnet.dylib (but only on M2 MacBook)

This is a Math+CS Educational app written in Java. I have been able to distribute the Intel-Mac version downloaded as a .dmg (code-signed, notarized and stapled).

I also need to support Apple silicon hw. I re-created the entire sw manufacturing structure on my M2 MacBook. I'm using the exact same command scripts that work on the older hardware. I am expecting the jpackage script to run the same way on the M2....but no.

The first sign of trouble is I'm not getting an authentication password dialog, which I believe is thrown up by the MacOS when codesign asks to access my Keychain certificates. My keychain is set up the default way.

Here is the error msg:

[07:38:08.719] Running /usr/bin/codesign
[07:38:08.749] java.io.IOException: Command [/usr/bin/codesign, -s, Developer ID Application: Pierre Bierre (SL7L4YU8GT), -vvvv, --timestamp, --options, runtime, --prefix, ST_DFG2D_ARM, /var/folders/v7/06pp2_5d6gz9593k96n2z0v40000gn/T/jdk.jpackage11705714069544945060/images/image-2753484488940359178/DataflowGeom2D.app/Contents/runtime/Contents/Home/lib/libnet.dylib] exited with 1 code
    at jdk.jpackage/jdk.jpackage.internal.Executor.executeExpectSuccess(Executor.java:90)
    at jdk.jpackage/jdk.jpackage.internal.IOUtils.exec(IOUtils.java:215)

If I build the .dmg installer WITHOUT code-signing it, it produces a good .dmg, but I can't distribute it to my students with M2-M3-M4 rigs.

The error feedback from "codesign" is nonspecific and inactionable. As a developer, I need specific, actionable error messages. I expect that from the wealthiest computer company in the world. Need the info.

Answered by DTS Engineer in 846364022
The error feedback from "codesign" is nonspecific and inactionable.

Looking at the log you posted I don’t actually see any error information from codesign. It seems that your tooling runs codesign which then exits with status 1, and that’s it.

Normally when codesign fails it prints something to stderr. Is that not the case here? Or did it print something but it’s not in the log you included?


ps My best guess, based on the info you included, is that this error will be something like this:

% codesign -s …all your other arguments elided… libnet.dylib
libnet.dylib: is already signed

That’s due to a subtle difference between Intel and Apple silicon. On Apple silicon all code is signed by default. If you're using an open source toolchain to build your code then it gets ad-hoc signed by the linker. That means that, when you go to sign it, the signing fails because it’s already signed, and hence this error. The solution is to add the -f argument to codesign, telling it to overwrite that signature.

But that’s just a guess. If you see an error other than is already signed, reply with the details and we’ll keep digging.

For lots of detailed info on how to manually sign and package code for the Mac, see:

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

The "jpackage" command tool provided by Oracle: It specifies some options for MacOS code signing:

--mac-sign --mac-package-signing-prefix "ST_DFG2D_ARM" --mac-signing-key-user-name "Pierre Bierre"

that it reformats when it runs and calls Apple's "codesign". Maybe you can show me how to translate these options into a discrete call to codesign?

[14:06:05.820] java.io.IOException: Command [/usr/bin/codesign, -s, Developer ID Application: Pierre Bierre (SL7L4YU8GT), -vvvv, --timestamp, --options, runtime, --prefix, ST_DFG2D_ARM, /var/folders/v7/06pp2_5d6gz9593k96n2z0v40000gn/T/jdk.jpackage8264959517592888307/images/image-10714515757680011645/DataflowGeometry2D.app/Contents/runtime/Contents/Home/lib/libnet.dylib] exited with 1 code

I tried this guess:

codesign --sign "Pierre Bierre (SL7L4YU8GT)" --force --options runtime --verbose --timestamp ~/DFG2D_MacOS_Manufacturing/MacOSInstallers/DFG2D_Mac_J17010_295

The response was:

error: The specified item could not be found in the keychain.

Note, I use the thumbprint for authentication on my M2. Could that be the problem? On my intel-Mac, signing from the "jpackage" script WORKS, and it always begins by prompting me to enter my local MacOS password.

I need help to get past the signer <identity>, before I can tell if a --force will solve the issue.

I tried shutting OFF the TouchID for autofilling passwords. No better. It still can't find my keychain credentials.
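
An added example (not part of the original posts, and not jpackage's or Apple's code): a shell wrapper that replays the codesign arguments shown in the jpackage log, keeps codesign's stderr so the real message is visible, and retries with -f when that message is "is already signed". The function names and the CODESIGN override variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example: run the codesign call from the jpackage log by hand.
# CODESIGN is a hypothetical override so the wrapper can be exercised with a stub.
CODESIGN="${CODESIGN:-/usr/bin/codesign}"

# Map codesign's stderr text to a short diagnosis keyword.
classify_codesign_error() {
    case "$1" in
        *"is already signed"*)                  echo already-signed ;;
        *"could not be found in the keychain"*) echo identity-not-found ;;
        *)                                      echo other ;;
    esac
}

# run_codesign EXTRA IDENTITY PREFIX FILE
# Prints only codesign's stderr and returns its exit status.
run_codesign() {
    # $1 is "" or "-f"; unquoted on purpose so an empty value adds no argument.
    "$CODESIGN" $1 -s "$2" -vvvv --timestamp --options runtime \
        --prefix "$3" "$4" 2>&1 >/dev/null
}

# sign_file IDENTITY PREFIX FILE
# Prints "signed", "re-signed" or "failed:<reason>" on stdout.
sign_file() {
    if err=$(run_codesign "" "$1" "$2" "$3"); then
        echo signed; return 0
    fi
    reason=$(classify_codesign_error "$err")
    if [ "$reason" = already-signed ]; then
        # Apple silicon: the linker ad-hoc signed the file, so overwrite with -f.
        if err=$(run_codesign -f "$1" "$2" "$3"); then
            echo re-signed; return 0
        fi
        reason=$(classify_codesign_error "$err")
    fi
    printf '%s\n' "$err" >&2          # show what codesign actually said
    if [ "$reason" = identity-not-found ]; then
        echo "check identities: security find-identity -v -p codesigning" >&2
    fi
    echo "failed:$reason"
    return 1
}

# Stand-alone use: sh this-script "<identity>" <prefix> <file>
if [ "$#" -eq 3 ]; then
    sign_file "$@"
fi
```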
