The application is trying to load the Qt frameworks that are *outside* of the
.app package. If you do an “otool -L” on the actual executable within the .app
package (SoundJack.app/Contents/MacOS/SoundJack), all non-system dependencies
that get listed should start with @rpath/something. If you see *any* kind of
absolution path in there such as
/Users/soulalex/Qt/5.12.0/clang_64/lib/QtMultimediaWidgets.framework/Versions/5/QtMultimediaWidgets
then the .app package has not been properly “fixed up” to create a portable
.app package.
A quick way to verify if you have at least packaged SOundJack correctly is to
run the macdeployqt application. Now before you start the application rename
/Users/soulalex/Qt/5.12.0 to /Users/soulalex/Qt/5.12.0.bak and then start the
application. If it starts OK then you are good, if you get a crash because the
Qt libraries could not be found then something went wrong. If you are using
CMake by chance then you can try using the “BundleUtilties” to “fix up” the
.app package. For our application we ended up doing a combination of
BundleUtilities and our own custom shell script.
--
Michael Jackson | Owner, President
BlueQuartz Software, LLC
[e] mike.jack...@bluequartz.net
[w] www.bluequartz.net
From: Interest <interest-boun...@qt-project.org> on behalf of Alexander Carôt
<alexander_ca...@gmx.net>
Date: Wednesday, April 8, 2020 at 12:29 PM
To: Andy <asmalo...@gmail.com>
Cc: qt qt <interest@qt-project.org>
Subject: Re: [Interest] OSX codesign question
Hej Nuno and Andy,
thanks a lot - yes, it is confusing but you helped to achieve progress,
however, some probably last issue to be solved:
What works is this:
soulalex@alexandarotsMBP SJC % codesign --deep --force --verify --verbose
--timestamp --options runtime --sign "52EF48168234769E0FE34C92B157ED7200626FD7"
./soundjack.app r
./soundjack.app: signed app bundle with Mach-O thin (x86_64)
[com.yourcompany.soundjack]
soulalex@alexandarotsMBP SJC % codesign --verify --deep --strict --verbose=2
./soundjack.app
./soundjack.app: valid on disk
./soundjack.app: satisfies its Designated Requirement
So - this seems to be fine - otherwise please complain :-)
Now comes the problem:
When I execute the app now it tells me:
soulalex@alexandarotsMBP SJC % ./soundjackMac.sh
dyld: Library not loaded:
@rpath/QtMultimediaWidgets.framework/Versions/5/QtMultimediaWidgets
Referenced from:
/Users/soulalex/Desktop/wip/XP-shared/Soundjack/SJC/./soundjack.app/Contents/MacOS/soundjack
Reason: no suitable image found. Did find:
/Users/soulalex/Qt/5.12.0/clang_64/lib/QtMultimediaWidgets.framework/Versions/5/QtMultimediaWidgets:
code signature in
(/Users/soulalex/Qt/5.12.0/clang_64/lib/QtMultimediaWidgets.framework/Versions/5/QtMultimediaWidgets)
not valid for use in process using Library Validation: mapped file has no
cdhash, completely unsigned? Code has to be at least ad-hoc signed.
Without signation the code executes just fine.
Any idea what to do next ?
Thanks a lot in advance again,
best
Alex
--
http://www.carot.de
Email : alexan...@carot.de
Tel.: +49 (0)177 5719797
Gesendet: Mittwoch, 08. April 2020 um 14:16 Uhr
Von: "Andy" <asmalo...@gmail.com>
An: "Alexander Carôt" <alexander_ca...@gmx.net>
Cc: "Nuno Santos" <nunosan...@imaginando.pt>, "qt qt" <interest@qt-project.org>
Betreff: Re: [Interest] OSX codesign question
The certificate needs to be added to your Keychain, then you use the name for
it in the codesign command. I think if you double-click the cert in the Finder
it will add it to "My Certificates" properly.
As Nuno pointed out, the name should look like this:
"Developer ID Application: ACME_INC (TEAM_IDENTIFER) )”
Where ACME_INC is the name of the organization you registered with Apple, and
TEAM_IDENTIFER is a random string.
When generating a cert on the Apple site there are a few choices that sound
similar - frankly the whole process is confusing - but the cert must must read
"Developer ID Application" to do what you want.
---
Andy Maloney // https://asmaloney.com
twitter ~ @asmaloney
On Wed, Apr 8, 2020 at 4:08 AM Alexander Carôt <alexander_ca...@gmx.net> wrote:
Hi Andy and Nuno,
thanks for your answers - looks like being on a good track now.
I think the very last problem for me to fix is choosing the correct file - so
far I have used the certificate I downloaded from the developer account like
this:
codesign --deep ./myApp -s development.cer
but this give me:
development.cer: no identity found
Do you know how to fix this ? Do I probably use the wrong file or is there
anything else to be changed ?
Thanks again,
best
Alex
--
http://www.carot.de
Email : alexan...@carot.de
Tel.: +49 (0)177 5719797
Von: Andy <asmalo...@gmail.com>
Datum: Montag, 6. April 2020 um 13:34
An: Nuno Santos <nunosan...@imaginando.pt>
Cc: Alexander Carôt <alexander_ca...@gmx.net>, qt qt <interest@qt-project.org>
Betreff: Re: [Interest] OSX codesign question
I just did this yesterday. I could not get macdeployqt to work either, so I do
it using the command line in my build process.
Here's the command line I'm using:
codesign --deep --force --verify --verbose --timestamp --options runtime
--sign "${CODE_SIGNING_ID}" "${APP_PATH}"
Which signing ID you use depends on where you are releasing your application.
Nuno gave the command line tool to list them - you can also see them under "My
Certificates" in the Keychain Access application. To distribute a macOS
application outside the Apple Store, you want the "Developer ID Application"
one as Nuno showed.
Two good sources of info for codesign are "man codesign" and this page:
https://developer.apple.com/library/archive/technotes/tn2206/_index.html
Once your application is signed, you can use this command to verify it:
codesign --verify --deep --strict --verbose=2 "${APP_PATH}"
Note that you can sign DMGs and ZIP files as well.
Good luck!
---
Andy Maloney // https://asmaloney.com
twitter ~ @asmaloney
On Mon, Apr 6, 2020 at 6:39 AM Nuno Santos <nunosan...@imaginando.pt> wrote:
Alexander,
I don’t use macdeployqt for signing.
I call the codesign command manually in the POST LINK phase.
You need to pass to the code sign the string representing your team. You can
list the available signing entities with the following command:
> security find-identity -v -p codesigning
Then you need to do something like this:
codesign --deep PATH_TO_BUNDLE -s "Developer ID Application: ACME_INC
(TEAM_IDENTIFER) )”
Hope it helps!
Best,
Nuno
> On 6 Apr 2020, at 10:32, Alexander Carôt <alexander_ca...@gmx.net> wrote:
>
> Hello all,
>
> I want to sign my OSX code in order to have it running on a client's machine
> without the need to right-click and open it.
>
> I signed at https://developer.apple.com/ and received my valid certificate
> called "developer.cer".
>
> Then I exectued
>
> macdeployqt myApp.app -dmg -codesign=developer.cer
>
> but I got this error:
>
> ERROR: "developer.cer: no identity found\n"
> ERROR: Codesign signing error:
> ERROR: "developer.cer: no identity found\n"
> ERROR: codesign verification error:
> ERROR: "soundjack.app: code object is not signed at all\nIn architecture:
> x86_64\n"
>
> Does anyone know what to do ? Is there probably a different/better way to
> sign it ?
>
> Thanks a lot in advance,
> best
>
> Alex
>
> --
> http://www.carot.de
> Email : alexan...@carot.de
> Tel.: +49 (0)177 5719797
>
> _______________________________________________
> Interest mailing list
> Interest@qt-project.org
> https://lists.qt-project.org/listinfo/interest
_______________________________________________
Interest mailing list
Interest@qt-project.org
https://lists.qt-project.org/listinfo/interest
_______________________________________________ Interest mailing list
Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
_______________________________________________
Interest mailing list
Interest@qt-project.org
https://lists.qt-project.org/listinfo/interest
