No announcement yet.

How to create the proper .pkg file for deployment to the MacStore

  • Filter
  • Time
  • Show
Clear All
new posts

    Hello guys. I have problem with codesign. I constantly get error no identity found.
    I followed instructions, did changes to info.plist, made both .icns files, and got to codesign part.
    This is my command:
    codesign -f -v -s "3rd Party Mac Developer Application: Marko Spasojevic(XXXXXXXXXX)" --entitlements "/Desktop/MacNoEditor" ""
    I tried removing this key in brackets, i tried removing name but i get the same error: No identity found.
    I looked in my key chain and i have both 3rd Party Mac Developer Application and 3rd Party Mac Developer Instaler certificates, and they have their own private key.
    What am i doing wrong?


      Hey media4marko ,
      I've run into the same issue years later. I've followed the guide as you've done, I have both 3rd party application and installers but I run into this error:
      error: The specified item could not be found in the keychain.

      Did you manage to fix this? romfeo any ideas on your side? Also thanks for the guide.

      Even now in 2019, your guide is the best thing I've found to help other UE4 users bring their games to the Mac App Store


        My issue was related to my certificates not having an associated key. I confirmed this through Xcode->Preferences->Certificates and had to redo my certs as I switched Mac during my porting.

        I've run into a new issue now that all is signed.

        Unsupported Architecture - Application executables may support either or both of the Intel architectures:
        • i386 (32-bit)
        • x86_64 (64-bit)
        I have logged a support ticket, and the issue is the dll I manually co-signed. Fingers crossed for a quick fix!


          Any updates?
          Did anyone managed to publish with UE 4.19.2 ?


            My team has been following these instructions but our app (4.22) keeps getting rejected with

            ERROR ITMS-90240: "Unsupported Architectures. Your executable contained the following disallowed architectures: '[i386 (in
            New apps submitted to the Mac App Store must support 64-bit starting January 2018, and Mac app updates and existing apps must support 64-bit starting June 2018."
            Has anyone gotten around that issue? Are there 64-bit versions of those libraries? This feels like it could end up being a non-starter


              Actually it looks like I ended up fixing that using ditto --arch x86_64 to strip the 32-bit code from the .app. However we're still hitting a rejection from the App Loader with the extremely vague "ERROR ITMS-90135: "The executable could not be re-signed for submission to the App Store. The app may have been built or signed with non-compliant or pre-release tools."

              Has anyone had any luck with uploading apps that use restricted entitlements (e.g. iCloud)?

              [EDIT] see below for a solution
              Last edited by CraveTheGrave; 08-10-2019, 08:30 PM.


                My team hit a less-typical situation with packaging for Mac where we wanted to include some macOS-specific features like iCloud and GameCenter that require a few extra steps in this process.

                For features like iCloud communication, Mac apps need special entitlements linked to an application’s provisioning profile. To upload these apps to the Mac app store, you’ll have to not only sign the app with extra entitlements in the style of the first post in this thread, but also embed the distribution provisioning profile so the operating system knows it can trust those entitlements. I'm writing this up in case someone else finds themselves in a similar situation.

                Here’s what worked for us.

                1) Package the app as Shipping/Distribution for Mac from Unreal (we used version 4.22) as usual.

                NOTE: make sure you uncheck “Include Debug Files” in your project settings. If you package an app with a debug .dSYM file in it, Application Loader will fail with the cryptic `ERROR ITMS-90135: "The executable could not be re-signed for submission to the App Store. The app may have been built or signed with non-compliant or pre-release tools.”` and you’ll lose an entire weekend figuring out what the heck is going wrong

                2) Edit the plist of the exported app. You can either open it up via the terminal at or navigate there via finder (Show Package Contents) and double-click it to open it in xcode.

                You’ll want to set the Application Type, version strings, and possibly the bundle id to match the identifier you’re uploading to.

                3) Remove the file and the directory As mentioned earlier, the RadioEffectUnit stuff can cause problems with packaging. As far as I can tell it’s safe to kill it, but if you actually need these files for your game I’m not sure what you should do :/

                4) As of 2018, the Mac App Store will not accept applications with 32-bit code. Your exported Unreal 4.XX game should be good to go, but a few of the third party libraries in your package include 32-bit and 64-bit code. We have to remove it. In our case we did that with:

                lipo -remove i386 -output
                lipo -remove i386 -output
                Though it’s possible your exported package might have other libraries that need stripping.

                5) Now add in your Mac App Store Distribution provisioning profile. You may have to create this in the developer portal and download it. Rename it “embedded.provisionprofile” and move it to

                6) Now prep your entitlements xml for signing. This will vary based on what entitlements you need. Create and fill in a temporary “mygame.entitlements” file (you can name this whatever you want; it isn’t going in your application). Ours looked something like:

                <?xml version="1.0" encoding="UTF-8"?>
                <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">
                <plist version="1.0">

                7) It’s signing time. You’ll have to sign the game binary, all dynamic libraries, and finally the .app itself. We did this with:

                codesign -f -v -s "3rd Party Mac Developer Application:" --entitlements mygame.entitlements

                This command signs all .dylibs in the file. I’m not sure you need entitlements here.

                find | grep .dylib | xargs codesign -f -v -s "3rd Party Mac Developer Application:" --entitlements mygame.entitlements

                Then sign the whole app:

                codesign -f -v -s "3rd Party Mac Developer Application:" --entitlements mygame.entitlements

                8) Finally, build the .pkg:

                productbuild --component /Applications --sign "3rd Party Mac Developer Installer:" MyGame.pkg
                And upload with the Application Loader. If you have any issues with your icon settings or other plist information, those warnings will appear here. Redo all of step 7 if you make any changes to your folder.

                Feel free to reach out if you hit any issues trying this. Caveat emptor, we just got this working today and haven’t verified that the uploaded package works once installed by users.


                  Thank you for sharing!

                  maybe a stupid question, but it seems like we dont have to sign the pak file ?
                  Last edited by ColdSteel48; 08-11-2019, 01:10 PM.


                    I'm not an expert by any means, but It looks like you don't have to sign the pak since it isn't executable. App Connect didn't complain that ours was unsigned, and when signing local development builds it definitely wasn't necessary in order to make our entitlements work properly. That said, I think if you did sign it the pkg will probably still be valid?


                      Thank you again for sharing this priceless info!


                        I wonder how you were able to publish on MAS,
                        I just discovered that UE4 won't run on case-sensitive file system.
                        And that after going through hell with notarization and code signing - did Apple just accepted your submission with this limitation ?
                        That seems very very weird to me ?
                        Or did you patched something inside the engine source so it works with case-sensitive environment ?


                          So, making this to RUN (I mean the game and not the engine itself) on case sensitive system was quite easy:
                          I had to delete the error and rename 2 strings inside the engine.

                          I am going again through codesign and notarization process right now - and if it will success I will post a detailed update on how to compile the engine and what new flags we have to add to the codesign parameters.


                            When I try to deliver my app to the Mac store, it gives these 2 errors regarding UnrealCEFSubProcess:

                            ERROR ITMS-90296: "App sandbox not enabled. The following executables must include the "" entitlement with a
                            Boolean value of true in the entitlements property list: [(
                            "com.*****.********.pkg/Payload/***********.app/Contents/UE4/Engine/Binaries/Mac/" )]
                            Refer to App Sandbox page at for more information on sandboxing your app."
                            ERROR ITMS-90511: "CFBundleIdentifier Collision. The Info.plist CFBundleIdentifier value 'com.epicgames.UnrealCEFSubProcess' of
                            '**********.app/Contents/UE4/Engine/Binaries/Mac/' is already in use by another application."
                            [2:11 AM]
                            Has anyone experienced the same? What should I do to get rid of these?