GateKeeper warns dmg file is damaged after signing the application using install4j

0
votes

We have requested for Developer ID Application Certificate. Exported the certificate and private key as .p12 extension and imported into the Mac Keychain tool where the install4j 5.1.1 app is installed. Also placed the Developer ID Application certificate .cer extension file which is exported along with the private key to /resources/macos/certs under the install4j installation folder.

Restarted the install4j app and build the project to create executable with macos signed with Developer ID application certificate. The dmg file mounted directly on the system doesnt provide any error. But when downloaded from browser after uploading the same file in server, Gatekeeper shows a warning "DMG file is damaged".

Could you please advise some solution?

Different post are suggesting different solution but not a clear solution.

1
macosinstall4jcodesign
Try to execute codesign -vv [installer.dmg] to check for errors in the signature. Also, please update to the latest 5.1.x release. - Ingo Kegel
I have upgraded to the latest 5.1.15 release and then have followed the same steps placing the Developer ID certificate in /resources/macos/certs/ and also added the private key and certificate in the keychain. Referenced the .p12 file in the project. After i have executed codesign -vv [installer.dmg] as suggested i got the error "[installer.dmg]: code object is not signed at all" - user2321393
Sorry, I give the wrong instructions, you would have to mount the DMG, cd to /Volumes/[mount name] and execute codesign -vv [AppName] Installer.app there. - Ingo Kegel

1 Answers

0
votes

The "This file is damaged and can’t be opened" error can sometimes be caused when the mac you are signing on or doing your install4j build, doesn't have the intermediate certificates in your mac's keychain. When you click on your certificate in the mac keychain, it should have a green tick and not show any errors. There are other stackoverflow threads on this - would link them but I cant find them. You can try these ones that are currently listed by apple: https://developer.apple.com/certificationauthority/AppleWWDRCA.cer and https://developer.apple.com/certificationauthority/DeveloperIDCA.cer.

If you are missing the intermediate certs you will get "this certificate was signed by an unknown authority" when viewing in the mac key tool. I would check that first If I was you.