Enabling “Hardened Runtime” from outside of XCode

javamojavenotarization

This question is prompted by the new Notarization requirements that Apple will enforce for Mac Apps distributed outside of the Mac App Store targeting Mojave (in the near future.)

I maintain a suite of self-hosted, Developer ID Application certificate-signed apps, using a custom runtime (Excelsior JET for Mac Java JIT Compiler / Runtime); custom bash scripts (are used as part of the apps in the installation process) and automate the builds. Therefore, there are no XCod` projects per-se involved in this process.

After consulting the developer docs, I wasn't able to find a way to activate and customize this "hardened mode" (described here) by using any kind utilities from XCode, but from the CLI (instead of the IDE GUI). Is there any way to accomplish this?

Best Answer

Are you looking for codesign's --options runtime argument? I believe that's all you need to enable the hardened runtime.

Apple has a couple of documents that make it pretty easy to figure out your own notarization flow:

Related Solutions

MacOS – Enabling Java 7 on Mountain Lion

Apple's tools don't see Java 7, Oracle's tools don't see Java 6; it's all a bit ugly. Luckily there's an ugly fix to go with it!

Normal Mac Java 6 running on 10.8:

java -version
java version "1.6.0_33"
Java(TM) SE Runtime Environment (build 1.6.0_33-b03-424-11M3720)
Java HotSpot(TM) 64-Bit Server VM (build 20.8-b03-424, mixed mode)

Install the Java 7 JDK (not just the JRE) from Oracle.

Move the system java out of the way (so you can get it back if you want):

sudo mv /System/Library/Java/JavaVirtualMachines/1.6.0.jdk /System/Library/Java/JavaVirtualMachines/1.6.0.jdkx

Then symlink 7 in place of 6:

sudo ln -s /Library/Java/JavaVirtualMachines/jdk1.7.0_06.jdk /System/Library/Java/JavaVirtualMachines/1.6.0.jdk

and voila:

java -version
java version "1.7.0_06"
Java(TM) SE Runtime Environment (build 1.7.0_06-b24)
Java HotSpot(TM) 64-Bit Server VM (build 23.2-b09, mixed mode)

I've not had trouble with any java apps so far (apart from java preferences which checks which java it's running under).

There's probably a better way of doing this, but it works for me.

MacOS – Yosemite keeps asking to install Java runtime, while it’s installed

Install the SDK instead of the JRE.

I had a similar issue: I installed the JRE and ran the webpage-based test that said I installed successfully. But my java-based app wouldn't run, and running java -version in the console said Java was not installed. On a whim I decided to install the full SDK and now it all works.

Best Answer

Related Solutions

MacOS – Enabling Java 7 on Mountain Lion

MacOS – Yosemite keeps asking to install Java runtime, while it’s installed

Related Question