Use openssl via command line (instead of the Keychain Access) if you get stuck.
This process can get tricky especially if you use the same private key for two certificates. In my case, I originally only had a certificate for packaging installers (not codesigning). If you don't have this certificate, you'll need to request one using a CSR.Certificates, Identifiers & Profiles, (Click "iOS, tvOS, watchOS" dropdown) macOS, Developer ID Application.developerID_application.cer) certificate. jnilib) each bundled library must be signed using an "Application" (e.g. Instructions for notarization using xcrun are further below.įor a Java app which contains native calls (e.g. If it finds any that aren't signed, it'll be rejected. During notarization, Apple will extract the. app containing scripts, jars), the notarization should pass. Please edit, comment or re-answer as needed.
Note: At the time of posting this, Apple's notarization command allowed the below procedure to work however as notarization and security becomes more common and more strictly enforced it is inevitable that Apple will change and improve hardening requirements and procedures. With slight modifications, the answer should work for other types of projects (python, powershell, node) as well. I'm answering this question in regards to a Java project that requires notarization.