MacOS – Signing an App that includes Java fails


I try to sign an app-bundle that includes the Java Runtime Environment 8 (JRE).

From command line I run this command:

codesign -s "Developer ID Application: My Company" /Development/

I get this output: code object is not signed at all
In subcomponent: /Development/

The result is that the App-bundle doesn't get signed as expected.

How do I fix this?

Best Answer

code signing

The friendly manual on code signing says to sign the sub-component first, then try again with your app itself:

codesign says my code is unsigned when I try to sign it.

Make sure all nested code is already signed and its signature is valid. Xcode will take care of this for you if you let it handle your code signing tasks.

It goes on to say let Xcode handle all the signing, which may or may not be helpful since you are already choosing to sign things from the command line.


To sign all nested code in one go, add the --deep argument to codesign:

codesign --deep -s "Developer ID Application: My Company" /Development/

shell script

Another way of doing the same is to create a shell script that checks the signature state of the nested code, and signs if it is missing. This way you may get more control on what you are signing within the bundle.


A bash-script called that checks one entry in the bundle and signs it if it is not already signed could be done like this:

if codesign --verify $1 ; then 
   codesign --sign "$2" $1;

Put the in /Development and do this on the command line:

cd /Development/
find . -exec ../ {} "Developer ID Application: My Company" \;
codesign --sign "Developer ID Application: My Company" ../