[External] : Re: RFR: 8313904: [macos] All signing tests which verifies unsigned app images are failing
Alexander Matveev
alexander.matveev at oracle.com
Fri Aug 11 20:55:03 UTC 2023
Hi Michael,
On Aug 10, 2023, at 10:48 PM, Michael Hall <mik3hall at gmail.com<mailto:mik3hall at gmail.com>> wrote:
I assume done with jpackage by indicating something like —mac-sign only? If wrong feel free to correct.
No, it is always done if —mac-sign is NOT specified and we doing ad-hoc signing on app bundle only. PKG will not be ad-hoc signed.
If —mac-sign is provided we will use certificate provided with —mac-sign to sign app image and PKG as before.
Thanks,
Alexander
I always do dmg or app-image for quick testing. I haven’t done any pkg yet.
So if I understand correctly now for app bundle types - dmg or app-image, some signing is always done. Certificate if signing is indicated and it is provided or adhoc if it isn’t indicated as a default. I didn’t know this.
Yes, but ad-hoc signing was introduced back in JDK 20 with https://bugs.openjdk.org/browse/JDK-8298488 for macOS x64 and in JDK 19 with https://bugs.openjdk.org/browse/JDK-8277493 for macOS aarch64. We do ad-hoc signing for app images when generating PKG as well, so it is for all targets and not only for app-image or dmg.
Thanks,
Alexander
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/core-libs-dev/attachments/20230811/a19de894/attachment-0001.htm>
More information about the core-libs-dev
mailing list