Skip to content

FAQ

Jump to bottom
Zhuo Lu edited this page Jan 16, 2018 · 3 revisions

  • Signature too large to embed

    Manually sign the app bundle, providing --signature-size to codesign. This issue may be addressed in a future release of electron-osx-sign. (electron-builder#1834)

  • Nested code is modified or invalid

    Make sure the signing identity is not set to always trust in Keychain Access. (#131)

  • No such file or directory when verifying signed app bundle

    Provide --no-strict to avoid applying additional restrictions when validating code. (#161)

iTunes Connect Mac App Store Submission

  • The executable could not be re-signed for submission to the App Store

    ERROR ITMS-90135: "The executable could not be re-signed for submission to the App Store. The app may have been built or signed with non-compliant or pre-release tools."

    Remove .o files in the app bundle. (#58)

  • Files only readable by the root user

    ERROR ITMS-90255: "The installer package includes files that are only readable by the root user. This will prevent verification of the application's code signature when your app is run. Ensure that non-root users can read the files in your app."

    Try running find . ! -perm -g+r from the app directory and manually chmod the file with only root access. (#71)

  • Invalid provisioning profile

    ERROR ITMS-90283: "Invalid Provisioning Profile."

    Confirm whether the embedded provisioning profile is for Mac App Store distribution. (#151)

  • Invalid code signing entitlements

    ERROR ITMS-90287: "Invalid Code Signing Entitlements. The entitlements in your app bundle signature do not match the ones that are contained in the provisioning profile. The bundle contains a key that is not included in the provisioning profile: 'com.apple.developer.team-identifier' in ..." ERROR ITMS-90287: "Invalid Code Signing Entitlements. The entitlements in your app bundle signature do not match the ones that are contained in the provisioning profile. The bundle contains a key that is not included in the provisioning profile: 'com.apple.application-identifier' in ..."

    Make sure to embed the provisioning profile in the app bundle. (#114)

  • App sandbox not enabled

    ERROR ITMS-90296: "App sandbox not enabled. The following executables must include the "com.apple.security.app-sandbox" entitlement with a Boolean value of true in the entitlements property list: ... Refer to App Sandbox page at https://developer.apple.com/devcenter/mac/app-sandbox/ for more information on sandboxing your app."

    If com.apple.security.app-sandbox is correctly inserted in the entitlements, it could be that ElectronTeamID is not included in Info.plist. (#120)

  • Cannot find module ...

    Avoid putting native modules in the asar. (#151)

  • Temporary entitlement exceptions

    We’ve determined that one or more temporary entitlement exceptions requested for this app are not appropriate and will not be granted: com.apple.security.temporary-exception.sbpl: (allow mach-register (global-name-regex #“^org.chromium.Chromium.rohitfork.[0-9]+$“)) com.apple.security.temporary-exception.sbpl: (allow mach-lookup (global-name-regex #“^org.chromium.Chromium.rohitfork.[0-9]+$“))

    Electron's moved to use group containers to allow IPC with App Sandbox; please avoid specifying temporary exceptions for mach register/lookup.

  • You can only transfer sandboxed apps that are not sharing a group container

    (#150)

NB: Please check the last edit time to ensure if the demo scripts on this page are still supported by any of the modules here mentioned. Please open an issue at electron-osx-sign if any stops working or needs updating; your support is very much appreciated!

Clone this wiki locally