Topic was automatically imported from the old Question2Answer platform.
I’m on macOS and I’m trying to export my game to macOS, and I’m confused by the Identity field in Godot 3.5.1.
The documentation doesn’t say what goes in there, but from this thread, it seems it should be the short string from your development certificate.
But I’ve seen other places where it says it should be the long string that you get after running
```
security find-identity -v -p codesigning
```
I tried both, but I keep getting the same error from the notarization server:
Package Invalid. And if I check the log, it says
"The binary is not signed with a valid Developer ID certificate."
In this Reddit thread I noticed they were using a Distribution certificate, even though Apple’s documentation says you shouldn’t use Distribution but Development. Just in case, I tried creating a Distribution certificate and I tried both the short and the long strings, and I keep getting the same notarization error.
I thought the problem could be that I hadn’t created the Identifier that I’m using for my game under Certificates, Identifiers & Profiles in my Developer console, but adding that identifier doesn’t help either.
Codesign tells me this:
```
codesign -dvv MyGame.dmg
CodeDirectory v=20200 size=297 flags=0x10000(runtime) hashes=1+6 location=embedded
Authority=Apple Development: <My name> (<10-digit ID>) (*)
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
Timestamp=28 Jan 2023 at 21:53:14
Internal requirements count=1 size=176
```
(*) or Apple Distribution, when I do the Distribution certificate – both fail as I said.
In the Codesign section I have:
- Enable: ON
- Identity: (I tried long & short, and Distribution and Development)
- Timestamp: ON
- Hardened runtime: ON
- Replace existing signature: ON
Any idea what we need to pass in there for Notarization to succeed?
I realized in this thread that you have to use a Developer ID Application certificate, neither an Apple Development, nor Apple Distribution.
So I went ahead and created one and I got some progress. Now I don’t get that error about a valid ID certificate, but I get a bunch of other errors:
The signature of the binary is invalid.
The signature does not include a secure timestamp.
The executable does not have the hardened runtime enabled.
Hardened Runtime and Timestamp are enabled, but now codesign tells me that it’s not signed,
```
codesign -dvv MyGame.dmg
MyGame.dmg: code object is not signed at all
```
The only thing I changed is the certificate, so I’m at a loss.
endavid | 2023-01-28 22:46
It seems I had to use the long string of the identifier. I think it could be because the short string is duplicated once you add the Developer ID Application certificate.
endavid | 2023-01-28 23:02
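
The checks discussed in this thread can be run locally before uploading for notarization. The script below is an added example, not part of the original posts and not a Godot or Apple tool: it parses `codesign -dvv` output and reports which of the notarization complaints quoted above would apply. The function name and the sample inputs (placeholder name and team ID) are constructed for illustration.

```shell
# Added example; check_codesign_report is a hypothetical helper name.
# Reads `codesign -dvv` output on stdin and reports which notarization
# complaints from this thread would apply.
check_codesign_report() {
    report=$(cat)
    problems=""
    if printf '%s\n' "$report" | grep -q 'code object is not signed at all'; then
        echo "unsigned"; return 1
    fi
    # The signing (leaf) certificate is the first Authority= line.
    leaf=$(printf '%s\n' "$report" | sed -n 's/^Authority=//p' | head -n 1)
    case "$leaf" in
        "Developer ID Application:"*) ;;
        *) problems="$problems wrong-certificate" ;;
    esac
    # Hardened runtime appears as "runtime" inside the CodeDirectory flags.
    printf '%s\n' "$report" |
        grep -Eq '^CodeDirectory .*flags=0x[0-9a-fA-F]+\([^)]*runtime' ||
        problems="$problems no-hardened-runtime"
    # A secure timestamp is reported on a Timestamp= line.
    printf '%s\n' "$report" | grep -q '^Timestamp=' ||
        problems="$problems no-secure-timestamp"
    if [ -n "$problems" ]; then
        echo "${problems# }"; return 1
    fi
    echo "ok"
}

# Constructed sample mirroring the output posted in the question.
sample_development() {
    cat <<'EOF'
CodeDirectory v=20200 size=297 flags=0x10000(runtime) hashes=1+6 location=embedded
Authority=Apple Development: Example Name (ABCDE12345)
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
Timestamp=28 Jan 2023 at 21:53:14
EOF
}
# Constructed sample of a Developer ID signature (name and team ID are placeholders).
sample_developer_id() {
    cat <<'EOF'
CodeDirectory v=20200 size=297 flags=0x10000(runtime) hashes=1+6 location=embedded
Authority=Developer ID Application: Example Name (ABCDE12345)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=28 Jan 2023 at 21:53:14
EOF
}
```

On a Mac, `codesign -dvv` writes its report to stderr, so feed it in with `codesign -dvv MyGame.dmg 2>&1 | check_codesign_report`.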