Signing an .app bundle post-inclusion of .frameworks.

DanielParkDanielPark AUMember
edited April 2014 in Xamarin.iOS

I am trying to fully sign a .app bundle with our developer keys as to not aggravate GateKeeper. We have also included Sparkle to assist with updating as Sandboxing created all sorts of problems, of which some are unavoidable.

So in the build process the following commands are called to copy over the frameworks post build;

m -rf ${TargetDir}/${ProjectName}.app/Contents/Frameworks
mkdir -p ${TargetDir}/${ProjectName}.app/Contents/Frameworks
cp -a ${SolutionDir}/<Project>/Frameworks/. ${TargetDir}/${ProjectName}.app/Contents/Frameworks/

The problem is that these additions are being made post-signing, and are messing with the end result causing Gatekeeper to reject it fully once packaged in a .dmg and uploaded to our CDN.

In an attempt to solve this, I added the following custom command after the previous three;

codesign -f -v -s <Dev Certificate Here> ${TargetDir}/${ProjectName}.app/Contents/Frameworks/Sparkle.framework/Versions/A

However after running a code signing verification command as explained here, bugger all seems to have been signed, with all files under *.app/Contents/Sparkle.Framework being reported as added.

What is the most advisable process for signing an application bundle with embedded frameworks?

Cheers!

Posts

  • DanielParkDanielPark AUMember

    I changed the copy of the frameworks from "After" to "Before" build, which seemed to fix things. Is there a better way of including these framework bundles?

Sign In or Register to comment.