My Gatekeeper settings are "App Store and Identified Developers"
I have a DMG with a signed app.
When I mount the DMG and run it locally, it works.
When I upload the same DMG to our servers (via http), download it (via http), mount it, and try to run the app, I get a popup saying my application is "damaged and can't be opened. You should move it to the Trash."
I have no idea what's going on. How can the same file run correctly locally, but when uploaded and downloaded it's corrupt? The server is fine, other parties in our company upload and download applications from it just fine.
Am I missing something?
Figured out the problem after a lot of tries.
In my case:
The popup message about a damaged application appeared because libraries were missing.
I had created the .app file using Qt.
To generate the dmg I was using the macdeployqt command-line tool.
The macdeployqt tool creates dynamic libraries inside the .app, so basically if we codesign before creating the dmg, this alteration will manipulate the code signature.
So the proper fix is:
# Create the dmg using
macdeployqt <yourapp.app> -dmg
# Open the resulting dmg file, copy <yourapp.app> to a different folder (let's say /Documents/<yourapp.app>)
# Codesign the /Documents/<yourapp.app> using
codesign --deep --force --verify --verbose --sign "Developer ID Application: <developerid>" <yourapp.app>
# Verify using
codesign --verify --verbose=4 <yourapp.app>
* You should see something like this:
<yourapp.app>: valid on disk
<yourapp.app>: satisfies its Designated Requirement
# Now create the dmg file again using the [DropDMG](https://c-command.com/dropdmg/) application: download and install DropDMG, then set the configuration preferences with your Developer ID certificate in the signing option.
# Drag and drop <yourapp.app> onto the DropDMG app and wait for the creation of the dmg to complete. Voila, you have now successfully created a dmg with proper Developer ID certification.
# Verify the resulting dmg again using
codesign --verify --verbose=4 <yourapp.dmg>
# You can also verify with Gatekeeper
spctl -a -t exec -vv <yourapp.dmg>
Once you are done with these, you will not see the popup message saying the app is damaged or broken or from an unidentified developer.
I'm glad you found your problem. In case other people find this post searching about corrupted DMGs, I want to add another probable solution:
In addition to signing the .app bundle:
codesign -f -s "Developer ID Application: Your Dev ID Here" -v "Your App.app"
you should also sign the created DMG as well:
codesign -f -s "Developer ID Application: Your Dev ID Here" -v YourProgram.dmg
I didn't put quotation marks around the dmg file path because it's less likely that you have spaces in the dmg name. If you do, don't forget to escape them on the command line, or wrap your file path in quotes.
I discovered the problem.
Unbeknownst to me, our installer program writes a file into the application bundle at install time.
This breaks the signature and causes the Mac to freak out and declare the application damaged.
Took a while to discover that.
My problem had a similar but different cause to the one described in @JasonGenX's post.
My app had some files that got modified when I ran it, and that caused the app's signature to fail verification.
To fix it, I removed those files and prevented them from ever being created or modified, so that the .app bundle should never change on its own.
Specifically, I had Python code in my app bundle. When the app ran Python, it compiled imports to .pyc files. These got signed along with the rest of the app bundle.
When I ran the .app before creating the DMG, Python updated & modified these .pyc files, so they no longer passed signature verification. I verified this using:
$ codesign --verify --verbose=4 my.app
[...]
my.app: a sealed resource is missing or invalid
file modified: /private/tmp/my.app/Contents/Resources/python-dist/chardet/codingstatemachine.pyc
file modified: /private/tmp/my.app/Contents/Resources/python-dist/chardet/euckrprober.pyc
[...etc...]
The .app still ran on my own computer because I had built it myself, so it was trusted. But when I uploaded & downloaded the DMG, it got tagged to indicate it had come from an untrusted source and required signature verification.
Since the signature verification failed, macOS reported that the app bundle was damaged.
The fix was to delete the .pyc files from my bundled Python resources, and run Python as python -B, which instructs it not to create .pyc files.
I rebuilt my .app bundle without the .pyc files, and Python no longer creates them, so the .app bundle remains unmodified.
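Both self-modification cases in this thread (an installer writing a file into the bundle, and Python rewriting signed .pyc files) can be caught before shipping by comparing the bundle's contents at signing time with its contents after a test launch. The following is an added example, not code from any of the posters: it uses a plain SHA-256 manifest rather than codesign itself, and the bundle layout and file names (helper.py, install.cfg) are constructed for the demonstration.

```python
import hashlib
import os
import py_compile
import tempfile
from pathlib import Path


def snapshot(bundle):
    """Map each file's bundle-relative path to its SHA-256 digest."""
    bundle = Path(bundle)
    return {
        p.relative_to(bundle).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(bundle.rglob("*")) if p.is_file() and not p.is_symlink()
    }


def diff(before, after):
    """Report files that differ from the state recorded in `before`."""
    return {
        "modified": sorted(f for f in before if f in after and before[f] != after[f]),
        "added": sorted(f for f in after if f not in before),
        "removed": sorted(f for f in before if f not in after),
    }


def demo():
    """Constructed bundle: a stale .pyc is rewritten and an installer drops a file."""
    with tempfile.TemporaryDirectory() as tmp:
        app = Path(tmp, "my.app")
        res = app / "Contents" / "Resources"
        res.mkdir(parents=True)
        src, pyc = res / "helper.py", res / "helper.pyc"
        src.write_text("VALUE = 1\n")
        ts = py_compile.PycInvalidationMode.TIMESTAMP
        py_compile.compile(str(src), cfile=str(pyc), invalidation_mode=ts)
        sealed = snapshot(app)  # state at signing time

        # Simulated launch: the source mtime no longer matches the one stored in
        # the .pyc header, so the bytecode file is regenerated in place.
        os.utime(src, (1_000_000_000, 1_000_000_000))
        py_compile.compile(str(src), cfile=str(pyc), invalidation_mode=ts)
        # Simulated installer writing into the bundle.
        (res / "install.cfg").write_text("installed=1\n")
        return diff(sealed, snapshot(app))


if __name__ == "__main__":
    for kind, files in demo().items():
        for name in files:
            print(f"{kind}: {name}")
```

On a real build, take the first snapshot right after signing, launch the app once from a scratch copy, and treat any non-empty diff as a release blocker.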