Comments

8 comments

  • Avatar
    michiel

    Hi,

    The latest InstallBuilder release (19.6.0) has support for notarization. 

    Best regards,

    Michiel

  • Avatar
    Sebastian41

    Hi, thanks for the quick reply! I see the changelogs have this entry:

    • Support creating macOS signatures with hardened runtime enabled to allow notarization

    Could you elaborate this or how to enable this? I can't find "notarization" in the user guide.

    Thanks!

  • Avatar
    BitRock support

    Hi Sebastian,

    Signatures produced by InstallBuilder 19.6 are compatible with notarization by default so it's not needed to enable it in the project. Please note that this does not include the notarization process itself, which should be done through Apple. We will update our documentation regarding notarization.

    Regards,

    Michiel

     

  • Avatar
    Sebastian41

    Hi, thanks for your reply! I understand the Apple notarization, and I am wondering how I can extract the uninstall.app beforehand for notarization, since this is automatically created and put into the installer (e.g. pak file).

  • Avatar
    BitRock support

    Hi Sebastian,

    It's not currently possible to sign (and thus, notarize) the "unistaller.app" file, but given that it is generated in place, it should not be required to sign it in order to be able to run it.

    Did you find any issues due to the uninstaller not being signed and notarized?

    Looking forward to your feedback,
    Alejandro

  • Avatar
    Sebastian41

    MacOS 10.15 requires a fully signed and notarized app bundle in order to run.

    Example: https://appleinsider.com/articles/19/06/03/apples-macos-catalina-is-first-to-require-app-notarization-by-default

    Developers intending to support the forthcoming macOS Catalina must submit their apps to Apple's notarizing security process or they will not run. 

  • Avatar
    BitRock support

    Thanks for the information. We are aware of the notarization requirement but unless we are mistaken (for now, the public Betas work as we expected), that applies to the interaction with Gatekeeper. As the uninstaller is created at runtime and not downloaded from the internet, it does not require to be signed and notarized to run. Did you find any issue with that in the Beta?

  • Avatar
    Sebastian41

    You are right, it gets created during runtime of the installer, thanks for the clarification!

Please sign in to leave a comment.