RFR: 8313904: [macos] All signing tests which verifies unsigned app images are failing
Alexander Matveev
alexander.matveev at oracle.com
Fri Aug 11 03:02:35 UTC 2023
Hi Michael,
On Aug 10, 2023, at 6:11 PM, Michael Hall <mik3hall at gmail.com<mailto:mik3hall at gmail.com>> wrote:
On Aug 10, 2023, at 6:35 PM, Michael Hall <mik3hall at gmail.com<mailto:mik3hall at gmail.com>> wrote:
On Aug 10, 2023, at 6:21 PM, Alexander Matveev <almatvee at openjdk.org<mailto:almatvee at openjdk.org>> wrote:
- Fixed tests by checking that all app bundles are signed and by checking how they signed ad-hoc vs actual certificate.
How is ad-hoc signing done?
If it’s this, I guess I got it
https://developer.apple.com/documentation/security/seccodesignatureflags/1397793-adhoc
Yes, this is how it is done.
I assume done with jpackage by indicating something like —mac-sign only? If wrong feel free to correct.
No, it is always done if —mac-sign is NOT specified and we doing ad-hoc signing on app bundle only. PKG will not be ad-hoc signed.
If —mac-sign is provided we will use certificate provided with —mac-sign to sign app image and PKG as before.
Thanks,
Alexander
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/core-libs-dev/attachments/20230811/aadaae6b/attachment-0001.htm>
More information about the core-libs-dev
mailing list