Apple Notarisation and Custom PKG Installers
Apple has introduced notarisation as a requirement for installation of PKGs on macOS with macOS version 10.15. Notarisation status can be determined in two ways :
- Offline: cryptographically verifying a ticket stapled to the PKG at installer creation time
- Online: contacting apples servers to verify an app / installer has been notarised
Custom installers for FileWave Client and Booster will be notarised starting from Version 13.2.2 and upwards, however, the notarisation ticket will not be stapled onto the PKG you download from https://custom.filewave.com at the current time, requiring 'Online' confirmation.
Provided your macOS machines can reach the required servers outlined in https://support.apple.com/en-us/HT210060 , you can expect everything to work as normal after 10-15 minutes of downloading the custom PKG.
|188.8.131.52/18||443||TCP||macOS only||Ticket delivery||—|
|184.108.40.206/18||443||TCP||macOS only||Ticket delivery||—|
|220.127.116.11/19||443||TCP||macOS only||Ticket delivery||—|
Custom PKG Version 13.2.2
Version 13.2.2 Custom PKGs created prior to 4th March 2020 will not be notarised and will require re-creating if notarisation is required
The PKG may be tested for notarisation. On macOS 10.15.x you may observe the following:
Before notarisation has been completed by Apple:
% spctl -a -vvv -t install FileWaveClient_13.2.2-fw.filewave.com-20-Feb-2020.pkg FileWaveClient_13.2.2-fw.filewave.com-20-Feb-2020.pkg: rejected source=Unnotarized Developer ID origin=Developer ID Installer: FileWave (Europe) Gmbh (83S2TRZ3CS)
After notarisation has been completed by Apple:
% spctl -a -vvv -t install FileWaveClient_13.2.2-fw.filewave.com-20-Feb-2020.pkg FileWaveClient_13.2.2-fw.filewave.com-20-Feb-2020.pkg: accepted source=Notarized Developer ID origin=Developer ID Installer: FileWave (Europe) Gmbh (83S2TRZ3CS)