ravindra132 wrote:
So with help of the following command, I create a signed .pkg
That web site is really, really wrong. In addition, it doesn't say anything about notarization. For notarization, the outermost package is the one that needs to be notarized.
If you have a stand-alone app, you don't need an installer. Just zip the app. If your app is already notarized, then you should be done.
However, I have to say, I've seen many, many similar reports of problems with notarization. In absolutely every single case, problems are self-inflicted. It may be that you could just skip the installer package and be done. Or maybe you could notarize the installer package and be done. But based on my past experience, there is probably much, much more that you will need to do. What that might be, I can't say.
Generally, then notarization process is very easy. Here it is:
1) Use Xcode to generate an archive. Go to the "Product" menu and choose "Archive".
2) When the archive is complete, it will open the "Organizer" window. I think the archive will already be selected for you.
3) Select on your archive and click the "Distribute App" button.
4) Click the "Developer ID" checkbox and then click the "Next" button.
5) Click the "Upload" checkbox and then click the "Next" button.
6) You might need to click "Next" a couple more times to confirm that everything looks good.
7) You should get to a point where it says "Waiting for notarization" or something similar. Just let it sit there. After a couple of minutes, an "Export" button will appear in this dialog where you can export a notarized version of your app. Zip that up and post it on the internet.
7a) Another option is to go back to the Organizer at any time later and it will say "Ready to distribute" in the Status column. If you hover over this status with your mouse, an "Export" button will be revealed. This is the same export as above.
8) After posting your zip file to the internet, download it from the internet and confirm that it is properly notarized.
Total elapsed time, around 3-4 minutes.
Unfortunately, people often get tripped up at step #1. Maybe they used "Homebrew" or "QT" or something even worse and they aren't using Xcode. If this is the case, God help you my friend. You're on your own.
It is also possible to use the "altool" to notarize from the command line. I think that Apple is has a newer, easier-to-use version of command line notarization now but I think it is still in beta.
Those people who do need to use "altool" will often get tripped up on #8. In many cases, they won't even attempt it. They just assume that going through the motions is the same as having achieved a desired end result. Like that ever happens in software development. It isn't "Notarized" until you succeed at #8, so don't bother getting confused when you have "notarized" but "notarization" isn't working. There are only two possible states - successfully notarized and all screwed up. There is no such thing as "partially notarized".
If you aren't using Xcode and are getting tripped up on #8, the most likely cause is something crazy going on in the open-source libraries you are using. There are a number of settings to relax various aspects of notarization so that these things will run. You may need to run Console.app while you launch the app to find out which of these dynamic library or runtime settings is failing. You might even need to try to app in a factory-fresh virtual machine to ensure that you aren't linking to some Homebrew dylibs that only exist on your development machine.
You might also want to consider using a DTS ticket to get Apple to help.
