Apple MacOS 应用程序公证因铁木林 jdk 中的 libjli.dylib 而失败
Apple MacOS app notarisation fails due to libjli.dylib in temurin jdk
已将 jdk 从 13 升级到 temurin-17,构建不再成功通过 Apple 公证。
libjli 似乎被认为是有问题的,很多阅读似乎总是提到在签名之前删除所有扩展属性 (xattr -cr) 但这并没有改变结果,Apple 仍然抱怨如下:
"path": "DrumScoreEditor-2.92.dmg/DrumScoreEditor.app/Contents/runtime/Contents/MacOS/libjli.dylib",
"message": "The signature of the binary is invalid.",
"docUrl": null,
"architecture": "x86_64"
构建过程没有改变(除了在 xattr 中添加)仍然是:
$JAVA_HOME/bin/jlink --output runtime --add-modules java.base,java.desktop,java.datatransfer,java.prefs,java.xml,jdk.xml.dom --strip-native-commands
$JAVA_HOME/bin/jpackage \
--type app-image \
--dest bundles \
-i build \
-n DrumScoreEditor \
--main-class org.whiteware.DrumScoreEditor \
--main-jar DrumScoreEditor-$VERSION.jar \
--app-version $VERSION \
--runtime-image runtime \
--copyright "Copyright (c) 2022 Alan R. White" \
--vendor "drumscore.scot" \
--file-associations autobuild/filetypes.txt \
--resource-dir package/macosx
xattr -cr bundles/DrumScoreEditor.app
codesign --force --deep \
--options runtime \
--timestamp \
--prefix org.whiteware.DrumScoreEditor \
--entitlements autobuild/entitlements.txt \
--sign "Developer ID Application: Alan White (XXXXXXXXXX)" \
bundles/DrumScoreEditor.app
$JAVA_HOME/bin/jpackage \
--type dmg \
--dest bundles \
-n DrumScoreEditor \
--app-image bundles/DrumScoreEditor.app \
--mac-package-identifier org.whiteware.DrumScoreEditor \
--copyright "Copyright (c) 2022 Alan R. White" \
--vendor "drumscore.scot" \
--app-version $VERSION \
--file-associations autobuild/filetypes.txt
xcrun altool --notarize-app \
etc
有没有人用 temurin 成功地公证了一个 java 应用程序,如果是这样请帮助发现我哪里出错了?
简化构建过程解决了这个问题,特别是让 jpackage 自己进行签名。详细模式显示它如何在 per-file 基础上处理签名,首先删除任何现有签名。
$JAVA_HOME/bin/jpackage \
--dest bundles \
--input build \
--name DrumScoreEditor \
--main-class org.whiteware.DrumScoreEditor \
--main-jar DrumScoreEditor-$VERSION.jar \
--add-modules java.base,java.desktop,java.datatransfer,java.prefs,java.xml,java.logging \
--app-version $VERSION \
--copyright "Copyright (c) 2022 Alan R. White" \
--vendor "drumscore.scot" \
--file-associations autobuild/filetypes.txt \
--mac-sign \
--mac-package-signing-prefix org.whiteware.DrumScoreEditor \
--mac-signing-key-user-name "Alan White (XXXXXXXXXX)" \
--mac-package-name "Drum Score Editor" \
--mac-entitlements autobuild/entitlements.txt \
--resource-dir package/macosx \
--verbose
已将 jdk 从 13 升级到 temurin-17,构建不再成功通过 Apple 公证。
libjli 似乎被认为是有问题的,很多阅读似乎总是提到在签名之前删除所有扩展属性 (xattr -cr) 但这并没有改变结果,Apple 仍然抱怨如下:
"path": "DrumScoreEditor-2.92.dmg/DrumScoreEditor.app/Contents/runtime/Contents/MacOS/libjli.dylib",
"message": "The signature of the binary is invalid.",
"docUrl": null,
"architecture": "x86_64"
构建过程没有改变(除了在 xattr 中添加)仍然是:
$JAVA_HOME/bin/jlink --output runtime --add-modules java.base,java.desktop,java.datatransfer,java.prefs,java.xml,jdk.xml.dom --strip-native-commands
$JAVA_HOME/bin/jpackage \
--type app-image \
--dest bundles \
-i build \
-n DrumScoreEditor \
--main-class org.whiteware.DrumScoreEditor \
--main-jar DrumScoreEditor-$VERSION.jar \
--app-version $VERSION \
--runtime-image runtime \
--copyright "Copyright (c) 2022 Alan R. White" \
--vendor "drumscore.scot" \
--file-associations autobuild/filetypes.txt \
--resource-dir package/macosx
xattr -cr bundles/DrumScoreEditor.app
codesign --force --deep \
--options runtime \
--timestamp \
--prefix org.whiteware.DrumScoreEditor \
--entitlements autobuild/entitlements.txt \
--sign "Developer ID Application: Alan White (XXXXXXXXXX)" \
bundles/DrumScoreEditor.app
$JAVA_HOME/bin/jpackage \
--type dmg \
--dest bundles \
-n DrumScoreEditor \
--app-image bundles/DrumScoreEditor.app \
--mac-package-identifier org.whiteware.DrumScoreEditor \
--copyright "Copyright (c) 2022 Alan R. White" \
--vendor "drumscore.scot" \
--app-version $VERSION \
--file-associations autobuild/filetypes.txt
xcrun altool --notarize-app \
etc
有没有人用 temurin 成功地公证了一个 java 应用程序,如果是这样请帮助发现我哪里出错了?
简化构建过程解决了这个问题,特别是让 jpackage 自己进行签名。详细模式显示它如何在 per-file 基础上处理签名,首先删除任何现有签名。
$JAVA_HOME/bin/jpackage \
--dest bundles \
--input build \
--name DrumScoreEditor \
--main-class org.whiteware.DrumScoreEditor \
--main-jar DrumScoreEditor-$VERSION.jar \
--add-modules java.base,java.desktop,java.datatransfer,java.prefs,java.xml,java.logging \
--app-version $VERSION \
--copyright "Copyright (c) 2022 Alan R. White" \
--vendor "drumscore.scot" \
--file-associations autobuild/filetypes.txt \
--mac-sign \
--mac-package-signing-prefix org.whiteware.DrumScoreEditor \
--mac-signing-key-user-name "Alan White (XXXXXXXXXX)" \
--mac-package-name "Drum Score Editor" \
--mac-entitlements autobuild/entitlements.txt \
--resource-dir package/macosx \
--verbose