[Interest] signing webenginewidgets issue
Alexander Carôt
alexander_carot at gmx.net
Sat Jun 15 13:44:12 CEST 2024
Hello all,
I just saw an issue when signing and notarizing an app containing a web browser based on webenginewidgets (applies also for the Qt example minibrowser):
1.) Codesigning via
codesign --options=runtime --deep ./minibrowser.app -s "Developer ID Application: XXX"
works fine but breaks the app: Launching minibrowser afterwards makes the webprocess crash.
2.) Including the following keys into an entitlements file:
<key>com.apple.security.cs.allow-jit</key><true/>
<key>com.apple.security.cs.disable-library-validation</key><true/>
<key>com.apple.security.cs.allow-dyld-environment-variables</key><true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/>
and then signing via
codesign --options=runtime --entitlements ./entitlements.xml --deep ./minibrowser.app -s "Developer ID Application: XXX"
does not lead to the crash anymore and
codesign --verify --deep --strict --verbose=2 ./minibrowser.app
tells that all is signed just fine, however, when I package the app as a DMG, load it up to the web, load it down to my desktop and launch it, it tells me that the developer cannot be verified – so it basically tells that it is not signed.
The same happens when I only include the first key:
<key>com.apple.security.cs.allow-jit</key><true/>
but here comes the message that the package cannot be opened because it cannot be checked in terms of malware etc.
Can anyone help with this ?
Thanks a lot in advance,
best
Alex
--
http://www.carot.de
Email : Alexander at Carot.de
Tel.: +49 (0)177 5719797
More information about the Interest
mailing list