8

I want to sign my app to get rid of app blocking with according to security. I followed to the official NW.js documentation Mac-App-Store-(MAS)-Submission-Guideline Generated certificates, packaged my app, sign it. But after signed, my app close immediately after launch. When I tried to upload this signed app via template loader to app store I got:

enter image description here

I already asked question on github, but didn't get any response yet. If someone had experience with nw.js on mac os please help.

Arti
  • 5,595
  • 11
  • 44
  • 102
  • 2
    What code are you trying to sign your app with? The other errors are pretty self-explanatory. – Oskar May 01 '17 at 16:55
  • @OskarI used this python script. Added all credentials, and it successfully signed app, but app closes after launch.... And in app store it says signature invalid. http://docs.nwjs.io/en/latest/For%20Users/Advanced/Support%20for%20Mac%20App%20Store/ – Arti May 01 '17 at 17:16
  • I did all configs like in tutorial, checked this few times – Arti May 01 '17 at 17:21
  • Have you tried using the `--pkg` argument? – l'L'l May 19 '17 at 18:07
  • yes, i uploaded to template loader `myapp.pkg` file. Few users approved the same issue:( – Arti May 19 '17 at 20:57
  • The only thing that stands out to me is the error about "The installer package includes files that are only readable by the root user", so maybe check the file permissions in your project and try changing whatever is set as root user to be readable otherwise. – l'L'l May 19 '17 at 21:37

2 Answers2

1

You can codesign the app without using xcode. The following bash script allows you to do that. You need you developer id Application which you can find in your keychain access app.

You have to change the directory after versions to the directory that you have, depending on the version of nw.js that you are using

identity="Developer ID Application: youridentiy... (some number)"
app="pathToYourApp.app"
rm -f "$app/Icon^M" 
rm -r -f "$app/.idea"


echo "### signing libraries"
codesign --force --verify --sign "$identity" "$app/Contents/Versions/60.0.3112.113/nwjs Framework.framework/Libraries/exif.so"
codesign --force --verify --sign "$identity" "$app/Contents/Versions/60.0.3112.113/nwjs Framework.framework/libffmpeg.dylib"
codesign --force --verify --sign "$identity" "$app/Contents/Versions/60.0.3112.113/nwjs Framework.framework/libnode.dylib"

echo "### signing frameworks"
codesign --force --verify --sign "$identity" "$app/Contents/Versions/60.0.3112.113/nwjs Framework.framework/nwjs Framework"
codesign --force --verify --sign "$identity" "$app/Contents/Versions/60.0.3112.113/nwjs Framework.framework/Helpers/crashpad_handler"
codesign --force --verify --sign "$identity" "$app/Contents/Versions/60.0.3112.113/nwjs Helper.app/Contents/MacOS/nwjs Helper"
codesign --force --verify --sign "$identity" "$app/Contents/Versions/60.0.3112.113/nwjs Helper.app/"
codesign --force --verify --sign "$identity" "$app/Contents/Versions/60.0.3112.113/nwjs Framework.framework/helpers/crashpad_handler"

echo "### sing osx folder"
codesign --force --verify --sign "$identity"  "$app/Contents/MacOS/nwjs"

echo "### signing app"
codesign --force --verify --sign "$identity" "$app"

echo "### verifying signature"
codesign -vv -d "$app"
Silve2611
  • 1,908
  • 1
  • 26
  • 46
0

Finally found the answer here: https://github.com/nwjs/nw.js/issues/6338

So to sign your app you need to:

Before run mas.py script to fixed Unleashed content:

# Set PATH_TO_YOUR_APP variable first
VERSION_NUMBER=`ls "${PATH_TO_YOUR_APP}/Contents/Versions/"`
NWJS_FRAMEWORK="$PATH_TO_YOUR_APP/Contents/Versions/$VERSION_NUMBER/nwjs Framework.framework"
LIBNODE_DYLIB="libnode.dylib"
LIBNODE_LINK_TO="Versions/A/$LIBNODE_DYLIB"

echo fixing nwjs Framework unsealed content
pushd "$NWJS_FRAMEWORK"
mv "$LIBNODE_DYLIB" "$LIBNODE_LINK_TO"
ln -s "$LIBNODE_LINK_TO"
popd

All details you will find in this thread: https://github.com/nwjs/nw.js/issues/6338

Hope nw team will fix this

Arti
  • 5,595
  • 11
  • 44
  • 102