Signing Custom Build - Verifying / Notarizing requiring Sandbox?

[marcusheBG]

Hello! Thank you so much in advance.

We are successfully signing a custom version of IBM Notifier with our Developer ID. However in order to verify the sign - Apple is saying that the app is required to be sandboxed. We have added the App Sandbox payload and for testing only - checked permissions for all items. However, after building with the Sandbox payloads added - the compiled custom Notifier app will run / open, but not accept any terminal commands and perform any functions.

However, the app runs perfectly fine with a normal signature as well.

Any ideas or guidance? Thank you!

• Marcus

[SMartorelli]

Hi @marcusheBG I see that you also enabled all the exception in the Hardened Runtime capability tab, it's not needed. IBM Notifier don't need to have sandbox capability so I suggest you to restart from the scratch from the repo code. It's hard to debug signature/validation issues without the code.
PS: you're trying to sign it with an Enterprise Developer Account right?