Hi everyone! Have any of you packaged Unreal projects for Mac distribution, either through or outside of the App Store? I have what I think is going to be a problem with a very simple solution, but I’ve reached the limits of my knowledge with this sort of thing. I’m an exhibit/experiential designer trying to build interactive 3D environments with Unreal Engine. Besides being more technically literate than most designers, I don’t have very much development knowledge at all. Blueprints really make a lot possible that I would have never otherwise attempted!
My main development machine runs Windows, and that’s gone off without a hitch.
For the Mac build, I’ve packaged my .app through UE and it’s running great. The part that I can’t seem to wrap my head around is code-signing and notarizing. I believe I’ve gone through the process correctly but I still get the Gatekeeper dialog box rejecting my app as from an “unidentified developer” when I run it on a different Mac or download it onto my development Mac and try to run it.
I’m using a “Developer ID Application” certificate installed to Keychain, and ran codesign with that certificate as shown below on every single binary and .dylib file in the package:
codesign -f -v -s "Developer ID Application: My Name (IDCODE)" --entitlements "/entitlements.xml" --options runtime --all-architectures --timestamp "each-individual-file"
I have then compressed the app into a DMG image and uploaded it for notarization like so:
xcrun altool --notarize-app -primary-bundle-id "com.thebundleID" --file "thearchive.dmg" --username "myappleid" --password "password"
After many attempts I did eventually get this to return with a success. I then ran
xcrun stapler staple "thearchive.dmg"
as well as tried to extract the app from the dmg and ran
xcrun stapler staple "theapp.app"
and despite
spctl -vvv --assess --type exec "theapp.app"
coming up “accepted” with a “Notarized Developer ID” matching my own, when I transfer the app to another computer it won’t open easily, with the same “unidentified developer” message as if I hadn’t signed the code at all.
I made a similar post in Apple’s Developer forums and someone commented that proper notarization doesn’t necessarily lead to gatekeeper acceptance. In the console, I see XProtectService taking note of a couple of .dylib files for PhysX3—which are properly signed—but I just don’t know enough to make that information useful.
Has anyone here gone through this process and found a way to make it work? Have I missed something? I’m happy to share a download link for you to try launching as well.