Mac 应用商店发布是否需要公证?
Is notarization necessary for Mac App store release?
上传到Apple App Store之前是否需要公证应用程序?我看到一些文章说 non-app 商店分发需要公证,而苹果会 运行 在批准应用商店版本之前进行公证。
谁能确认一下?
我问这个问题的原因是因为我为外部 Mac App Store 分发公证了该应用程序并且它运行良好。对于 Mac 应用程序商店构建,我可以上传和分发它,它在 Mac 上运行良好,只有当用户尝试打开 Catalina(测试版)时才会出现问题,请参见附图。请问是不是跟公证有关
更新:问题不是由于公证,而是由于代码签名。其中一个节点二进制文件在上传到 MAS 之前没有签名,也许 Catalina 有更严格的规则检查它。
只有在 Mac App Store 之外分发才需要公证。请参阅 Distribute outside the Mac App Store (macOS),其中表示:
In some cases, you may want to distribute an app outside of the Mac App Store [...] Users gain additional assurance if your Developer ID-signed app is also notarized by Apple.
macOS User Guide 有话要说:
App Store: [...] All the developers of apps in the Mac App Store are identified by Apple, and each app is reviewed before it’s accepted
App Store and identified developers: [...] Identified developers are registered with Apple and can optionally upload their apps to Apple for a security check. If problems occur with an app, Apple can revoke its authorization.
不,这不是必需的。从应用商店下载的应用未经过公证。您可以使用 spctl 命令验证它。
spctl -a -v /Applications/Pages.app
/Applications/Pages.app: accepted
source=Mac App Store
仅当应用程序是从 App Store 外部下载时,Gatekeeper 才会检查公证。
From Safely open apps on your Mac
When you install Mac apps, plug-ins, and installer packages from
outside the App Store, macOS checks the Developer ID signature and
notarization status to verify that the software is from an identified
developer and that it has not been altered.
上传到Apple App Store之前是否需要公证应用程序?我看到一些文章说 non-app 商店分发需要公证,而苹果会 运行 在批准应用商店版本之前进行公证。 谁能确认一下?
我问这个问题的原因是因为我为外部 Mac App Store 分发公证了该应用程序并且它运行良好。对于 Mac 应用程序商店构建,我可以上传和分发它,它在 Mac 上运行良好,只有当用户尝试打开 Catalina(测试版)时才会出现问题,请参见附图。请问是不是跟公证有关
更新:问题不是由于公证,而是由于代码签名。其中一个节点二进制文件在上传到 MAS 之前没有签名,也许 Catalina 有更严格的规则检查它。
只有在 Mac App Store 之外分发才需要公证。请参阅 Distribute outside the Mac App Store (macOS),其中表示:
In some cases, you may want to distribute an app outside of the Mac App Store [...] Users gain additional assurance if your Developer ID-signed app is also notarized by Apple.
macOS User Guide 有话要说:
App Store: [...] All the developers of apps in the Mac App Store are identified by Apple, and each app is reviewed before it’s accepted
App Store and identified developers: [...] Identified developers are registered with Apple and can optionally upload their apps to Apple for a security check. If problems occur with an app, Apple can revoke its authorization.
不,这不是必需的。从应用商店下载的应用未经过公证。您可以使用 spctl 命令验证它。
spctl -a -v /Applications/Pages.app
/Applications/Pages.app: accepted
source=Mac App Store
仅当应用程序是从 App Store 外部下载时,Gatekeeper 才会检查公证。
From Safely open apps on your Mac
When you install Mac apps, plug-ins, and installer packages from outside the App Store, macOS checks the Developer ID signature and notarization status to verify that the software is from an identified developer and that it has not been altered.