So - our marketing department found some developer that created a app.
So I just got the 6gb App that I now need to sign and notarize, as the developer do not have done it
we have a developer certificate that I signed the app with
codesign --deep --force --verbose --timestamp --options runtime -f --sign “Developer ID Application: name (id)” /Applications/EO_Collection_Premiere_AW20_v1_0_0.app
It works fine and also doing a codesign --verify -vvvv my.app it validates the app signed.
But now when I try to open the app it crashes with the following
/Users/kri/EC_Collection_Premiere_AW20_v1_0_0.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Electron Framework Reason: no suitable image found. Did find: /Users/kri/EC_Collection_Premiere_AW20_v1_0_0.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libffmpeg.dylib: code signature in (/Users/kri/EC_Collection_Premiere_AW20_v1_0_0.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libffmpeg.dylib) not valid for use in process using Library Validation: mapped file has no cdhash, completely unsigned? Code has to be at least ad-hoc signed.
I am not a developer, just an guy that try to sign that app - any has some input why this does not work or what must be changed to sign such a electron app correctly ?