Search code examples
macosqtcode-signing

Sign a Framework for OSX 10.9

After using macdeployqt I sign my application to avoid Gatekeeper problems.

I can use codesign on all the frameworks and everything inside the bundle but when I come to sign the bundle I get an error:

$ codesign --force --verify --verbose --sign "Developer ID Application: My ID" MyApplication.app
MyApplication.app: bundle format unrecognized, invalid, or unsuitable
In subcomponent: /Users/username/Dev/Apps/MyApplication/MyApplication.app/Contents/Frameworks/QtConcurrent.framework

If I check the signature:

$codesign -vvv MyApplication.app/Contents/Frameworks/QtConcurrent.framework/Versions/5/QtConcurrent 
MyApplication.app/Contents/Frameworks/QtConcurrent.framework/Versions/5/QtConcurrent: valid on disk
MyApplication.app/Contents/Frameworks/QtConcurrent.framework/Versions/5/QtConcurrent: satisfies its Designated Requirement

According to http://furbo.org/2013/10/17/code-signing-and-mavericks/ it seems that I should sign the framework bundle something like this

$ codesign --force --verify --verbose --sign "Developer ID Application: My ID" MyApplication.app/Contents/Frameworks/QtConcurrent.framework/Versions/5

but this results in 

MyApplication.app/Contents/Frameworks/QtConcurrent.framework/Versions/5: bundle format unrecognized, invalid, or unsuitable
Solution

  • Got the same error this morning. The codesign application seems to be stricter on OSX 10.9

    The problem is caused by macdeployqt not copying the Qt framework bundles' info.plist file into the app bundle.

    You can work around this problem by telling your script to copy the files manually into the embedded framework's bundle file.

    e.g.

    $ cp ~/Qt5.2.0/5.2.0-beta1/clang_64/lib/QtCore.framework/Contents/Info.plist MyApplication.app/Contents/Frameworks/QtCore.framework/Resources/

    Do this for each of the qt modules your app uses, AFTER calling macdeployqt*, but BEFORE calling codesign. (* or mkdir the destination directories)

    Also, call codesign on the framework's folders, not on the version subfolder.

    i.e.

    $ codesign --force --verify --verbose --sign "Developer ID Application: My ID" MyApplication.app/Contents/Frameworks/QtConcurrent.framework

    Hope this helps.