如何验证我的Electron应用程序以避免在macOS上出现“开发者无法验证”错误?

huangapple go评论151阅读模式
英文:

How can I verify my Electron app to avoid "developer cannot be verified" error on macOS?

问题

我开发了一个React Electron应用,并使用electron-builder进行打包。在macOS上安装应用程序后,我遇到了一个问题,尝试打开它会出现一个错误消息:"无法打开我的Electron应用程序,因为无法验证开发者"。

虽然我通过临时调整安全设置并点击"仍要打开"按钮来绕过此错误,但我的目标是为应用程序建立正确的验证方式。我希望确保当我与他人分享应用程序时,他们可以安装和运行它,而无需修改任何设置或禁用安全功能。

有人可以指导我验证我的Electron应用程序的步骤,以便它可以在其他macOS设备上顺利安装和启动,而不会遇到"无法验证开发者"的障碍吗?非常感谢您的帮助!

我已经查阅了多个来源,他们建议加入Apple开发者计划来解决这个问题。
https://developer.apple.com/support/app-account/

英文:

I've developed a React Electron app and used electron-builder to package it. After installing the app on macOS, I encountered an issue where attempting to open it results in an error message: "My Electron App cannot be opened because the developer cannot be verified."

While I managed to bypass this error by temporarily adjusting security settings and clicking the "open anyway" button, my goal is to establish proper verification for the app. I want to ensure that when I share the app with others, they can install and run it without having to modify any settings or disable security features.

Could someone guide me through the steps to verify my Electron app so that it can be smoothly installed and launched on other macOS machines without encountering the "developer cannot be verified" obstacle? Your assistance will be greatly appreciated!

I've researched multiple sources and they recommend enrolling in the Apple Developer Program to address this issue.
https://developer.apple.com/support/app-account/

答案1

得分: 1

在 macOS 上出现“开发者无法验证”错误是因为苹果的 Gatekeeper 安全功能。为了向用户保证您的应用程序是安全的,请对其进行代码签名和公证。以下是验证 Electron 应用程序的逐步指南:

  1. 加入苹果开发者计划:
    您需要加入苹果开发者计划以获取必要的证书和工具。该计划需要缴纳年费。在此注册

  2. 获取开发者 ID 证书:
    登录苹果开发者中心
    导航到 Certificates, Identifiers & Profiles(证书、标识符和配置文件)。
    在 macOS 下,选择 Certificates(证书),然后点击 + 按钮创建新的证书。
    选择 Developer ID Application(开发者 ID 应用程序)并按照屏幕上的说明进行操作。

  3. 对 Electron 应用程序进行代码签名:
    使用支持代码签名的 electron-builder。确保已在您的 Mac 上安装了开发者 ID 应用程序证书。
    在您的 electron-builder 配置中(通常在 package.json 文件中),确保包含以下内容:

"mac": {
  "category": "your.app.category",
  "entitlements": "./build/entitlements.mac.plist",
  "hardenedRuntime": true,
  "gatekeeperAssess": false,
  "type": "distribution"
},
"dmg": {
  "sign": false
}

entitlements.mac.plist 是一个定义应用程序权限的文件。对于基本应用程序,可能不需要此文件,但对于使用某些 macOS 功能的应用程序,您需要指定权限。

  1. 对应用程序进行公证:
    从 macOS Catalina 开始,应用程序需要由苹果进行公证。这是一个自动化的过程,苹果会扫描您的应用程序以查找恶意内容。
    调整您的 electron-builder 配置:
"afterSign": "scripts/notarize.js"

在您的 notarize.js 文件中:

require('dotenv').config();
const { notarize } = require('electron-notarize');

exports.default = async function notarizing(context) {
  const { electronPlatformName, appOutDir } = context;
  if (electronPlatformName !== 'darwin') {
    return;
  }

  const appName = context.packager.appInfo.productFilename;

  return await notarize({
    appBundleId: 'your.app.id',
    appPath: `${appOutDir}/${appName}.app`,
    appleId: process.env.APPLE_ID,
    appleIdPassword: process.env.APPLE_ID_PASSWORD,
  });
};
  1. 分发应用程序:
    一旦签名和公证完成,将 .dmg 或 .pkg 文件分发给用户。他们将不再看到“开发者无法验证”错误。
英文:

The "developer cannot be verified" error on macOS arises because of Apple's Gatekeeper security feature. To assure users that your app is safe, code sign and notarize it. Here's a step-by-step guide for verifying your Electron app:

  1. Join the Apple Developer Program:
    You'll need to enroll in the Apple Developer Program to get access to necessary certificates and tools. It comes with an annual fee. enroll here

  2. Obtain a Developer ID Certificate:
    Log in to Apple Developer Center.
    Navigate to Certificates, Identifiers & Profiles.
    Under macOS, select Certificates and then click the + button to create a new certificate.
    Choose Developer ID Application and follow the on-screen instructions.

  3. Code Signing the Electron App:
    Use electron-builder which supports code-signing. Ensure you have your Developer ID Application certificate installed on your Mac.
    In your electron-builder configuration (usually in package.json), ensure you have.

<!-- begin snippet: js hide: false console: true babel: false -->

<!-- language: lang-js -->

&quot;mac&quot;: {
  &quot;category&quot;: &quot;your.app.category&quot;,
  &quot;entitlements&quot;: &quot;./build/entitlements.mac.plist&quot;,
  &quot;hardenedRuntime&quot;: true,
  &quot;gatekeeperAssess&quot;: false,
  &quot;type&quot;: &quot;distribution&quot;
},
&quot;dmg&quot;: {
  &quot;sign&quot;: false
}

<!-- end snippet -->
The entitlements.mac.plist is a file that defines permissions for your app. For a basic app, this might not be required but for apps using certain macOS capabilities, you'd need to specify entitlements.

  1. Notarize the App:
    Starting macOS Catalina, apps need to be notarized by Apple. This is an automated process where Apple scans your app for malicious content.
    Adjust your electron-builder config:

<!-- begin snippet: js hide: false console: false babel: false -->

<!-- language: lang-js -->

&quot;afterSign&quot;: &quot;scripts/notarize.js&quot;

<!-- end snippet -->
In your notarize.js:

<!-- begin snippet: js hide: false console: false babel: false -->

<!-- language: lang-js -->

require(&#39;dotenv&#39;).config();
const { notarize } = require(&#39;electron-notarize&#39;);

exports.default = async function notarizing(context) {
  const { electronPlatformName, appOutDir } = context;
  if (electronPlatformName !== &#39;darwin&#39;) {
    return;
  }

  const appName = context.packager.appInfo.productFilename;

  return await notarize({
    appBundleId: &#39;your.app.id&#39;,
    appPath: `${appOutDir}/${appName}.app`,
    appleId: process.env.APPLE_ID,
    appleIdPassword: process.env.APPLE_ID_PASSWORD,
  });
};

<!-- end snippet -->

  1. Distribute the App:
    Once signed and notarized, distribute your .dmg or .pkg file to users. They shouldn't see the "developer cannot be verified" error anymore.

答案2

得分: 0

你是正确的,被确认的开发者是苹果开发者计划的付费会员。苹果开发者在系统中提交了许多法律和财务协议以及披露文件,这有助于保护在其他用户设备上分发和运行的软件的安全性。确保这种安全性的两个组成部分需要苹果向会员颁发的开发者ID或App Store分发证书:经过认证的代码签名和公证。我认为最近费用略有增加,但只是象征性的一笔款项,大约每年100美元左右。

参考:https://discussions.apple.com/thread/7488189

英文:

You are correct, identified developers are paid members of Apple's Developer Program. There are numerous legal and financial agreements and disclosures Apple Developers file in the system which help protect the security of software that gets distributed and run on other users' machines. The two components of ensuring this security require a Developer ID or Appstore Distribution certificate issued by Apple to members: certified codesign and notarization. I think the fee went up slightly recently, but it is only a token sum, around $100 or so per year.

Cf. https://discussions.apple.com/thread/7488189

huangapple
  • 本文由 发表于 2023年8月9日 13:06:52
  • 转载请务必保留本文链接:https://go.coder-hub.com/76864732.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定