I generated my own certificate for testing following these instructions. I sign the code using
find cmake-build-release/Beertabs.app -name "*.dylib" | xargs -I $ codesign --verify --verbose --sign $1 $
find cmake-build-release/Beertabs.app -name "*.framework" | xargs -I $ codesign --verify --verbose --sign $1 $
codesign --sign $1 --verbose --entitlements Beertabs-Entitlements.plist cmake-build-release/Beertabs.app
where $1 is my key name.
When trying to run the program, it immediately crashes. Console displays the output at the bottom. When I run codesign -vvvv cmake-build-release/Beertabs.app to verify the code signing, everything is validated. However, when I run spctl --verbose=4 --assess --type execute cmake-build-release/Beertabs.app, I get cmake-build-release/Beertabs.app: rejected.
The program runs as expected without code signing, but is not working with it. Is there a step I missed? It should be mentioned that I'm using the Qt library and use the macdeployqt tool to bundle the library files into the appbundle. Is this happening because I'm using a self-signed certificate?
default 15:48:48.762073-0500 lsd - 45683955: Checking whether application is managed at file:///Users/rwardrup/Projects/Beertabs/cmake-build-release/Beertabs.app/
default 15:48:48.792781-0500 Finder LAUNCHING:0x0-0x27e67e4 Beertabs foreground=1 bringForward=1 seed=8974 userActivityCount=0
default 15:48:48.803196-0500 loginwindow -[ApplicationManager checkInAppContext:eventData:] | ApplicationManager: Checked in app : Beertabs
default 15:48:48.843811-0500 secinitd Beertabs[71467]: root path for bundle "<private>" of main executable "<private>"
default 15:48:48.853615-0500 runningboardd Resolved pid 71467 to [executable<Beertabs(501)>:71467]
default 15:48:48.855505-0500 runningboardd [executable<Beertabs(501)>:71467] This process will not be managed.
default 15:48:48.855541-0500 runningboardd Now tracking process: [executable<Beertabs(501)>:71467]
default 15:48:48.856161-0500 runningboardd Acquiring assertion targeting executable<Beertabs(501)> from originator [daemon<com.apple.coreservices.launchservicesd>:145] with description <RBSAssertionDescriptor; foregroundApp:71467; ID: 307-145-25866; target: 71467> attributes = {
<RBSDomainAttribute: 0x7f81f8521400; domain: com.apple.launchservicesd; name: RoleUserInteractiveNonFocal; sourceEnvironment: 0x0>;
}
default 15:48:48.856360-0500 runningboardd Assertion 307-145-25866 (target:executable<Beertabs(501)>) will be created as active
default 15:48:48.857615-0500 runningboardd Acquiring assertion targeting executable<Beertabs(501)> from originator [daemon<com.apple.coreservices.launchservicesd>:145] with description <RBSAssertionDescriptor; foregroundApp:71467; ID: 307-145-25867; target: 71467> attributes = {
<RBSDomainAttribute: 0x7f81fab493f0; domain: com.apple.launchservicesd; name: RoleUserInteractiveNonFocal; sourceEnvironment: 0x0>;
}
default 15:48:48.858001-0500 runningboardd [executable<Beertabs(501)>:71467] Ignoring jetsam update because this process is not memory-managed
default 15:48:48.857958-0500 runningboardd Assertion 307-145-25867 (target:executable<Beertabs(501)>) will be created as active
default 15:48:48.858454-0500 runningboardd [executable<Beertabs(501)>:71467] Ignoring resume because this process is not lifecycle managed
default 15:48:48.858603-0500 runningboardd Finished acquiring assertion 307-145-25866 (target:executable<Beertabs(501)>)
default 15:48:48.858815-0500 runningboardd [executable<Beertabs(501)>:71467] Set darwin role to: UserInteractiveNonFocal
default 15:48:48.859493-0500 runningboardd [executable<Beertabs(501)>:71467] Ignoring GPU update because this process is not GPU managed
default 15:48:48.859719-0500 runningboardd Finished acquiring assertion 307-145-25867 (target:executable<Beertabs(501)>)
default 15:48:48.859733-0500 runningboardd Invalidating assertion 307-145-25866 (target:executable<Beertabs(501)>) from originator 145
default 15:48:48.909969-0500 secinitd Beertabs[71467]: root path for bundle "<private>" of main executable "<private>"
default 15:48:50.002388-0500 secinitd Beertabs[71467]: root path for bundle "<private>" of main executable "<private>"
default 15:48:51.097233-0500 secinitd Beertabs[71467]: root path for bundle "<private>" of main executable "<private>"
default 15:48:52.184767-0500 secinitd Beertabs[71467]: root path for bundle "<private>" of main executable "<private>"
default 15:48:52.222575-0500 runningboardd [executable<Beertabs(501)>:71467] Death sentinel fired!
default 15:48:52.222934-0500 ReportCrash Parsing corpse data for process Beertabs [pid 71467]
default 15:48:52.228765-0500 runningboardd Invalidating assertion 307-145-25867 (target:executable<Beertabs(501)>) from originator 145
default 15:48:52.330990-0500 runningboardd Removing process: [executable<Beertabs(501)>:71467]
default 15:48:52.339950-0500 runningboardd Removing assertions for terminated process: [executable<Beertabs(501)>:71467]
default 15:48:54.130670-0500 ReportCrash Sending event: com.apple.stability.crash {"appVersion":"???","bundleID":"","exceptionType":2,"process":"Beertabs","responsibleApp":"Beertabs"}
default 15:48:54.130903-0500 analyticsd Received event: com.apple.stability.crash {"appVersion":"???","bundleID":"","exceptionType":2,"process":"Beertabs","responsibleApp":"Beertabs"}
default 15:48:54.131016-0500 analyticsd Aggregated. Transform: StabilityCrashNumerator3 Dirty: 6 Event: com.apple.stability.crash {"appVersion":"???","bundleID":"","exceptionType":2,"process":"Beertabs","responsibleApp":"Beertabs","timestamp":1600289334130405}
default 15:48:54.131108-0500 analyticsd Aggregated. Transform: StabilityCrashNumerator3WithIncidentID Dirty: 6 Event: com.apple.stability.crash {"appVersion":"???","bundleID":"","exceptionType":2,"process":"Beertabs","responsibleApp":"Beertabs","timestamp":1600289334130405}
default 15:48:54.174021-0500 ReportCrash Saved crash report for Beertabs[71467] version ??? (???) to Beertabs_2020-09-16-154854_Rivendell.crash
default 15:48:54.205327-0500 ReportCrash Removing excessive log: Beertabs_2020-09-16-154854_Rivendell.crash
