I try to sign an app-bundle that includes the Java Runtime Environment 8 (JRE).
From command line I run this command:
codesign -s "Developer ID Application: My Company" /Development/MyApp.app
I get this output:
MyApp.app: code object is not signed at all In subcomponent: /Development/MyApp.app/Contents/PlugIns/jre8/Contents/Home/jre/COPYRIGHT
The result is that the App-bundle doesn't get signed as expected.
How do I fix this?
The friendly manual on code signing says to sign the sub-component first, then try again with your app itself:
codesign says my code is unsigned when I try to sign it.
Make sure all nested code is already signed and its signature is valid. Xcode will take care of this for you if you let it handle your code signing tasks.
It goes on to say let Xcode handle all the signing, which may or may not be helpful since you are already choosing to sign things from the command line.
To sign all nested code in one go, add the
Another way of doing the same is to create a shell script that checks the signature state of the nested code, and signs if it is missing. This way you may get more control on what you are signing within the bundle.
A bash-script called
sign-unsigned.shthat checks one entry in the bundle and signs it if it is not already signed could be done like this:
/Developmentand do this on the command line: