Ewwww, new libfmodex.dylib error

Hi all

I’ve had a bit of an issue with my apple developer Id application certificates lately, in that I lost a load of private keys to them. Long story short, I dug up an old laptop and managed to move one last working certificate and key across to my current machine.

But…. When I archive and notarise an app, get it approved and then try and run it, I get right to the end, and then the exported notarised app fails to run, with the following error:

‘Code signature in (xxxxxxx/…./Frameworks/libfmodex.dylib) not valid for use in process using Library Validation: mapped file has no Team ID and is not a platform binary (signed with custom identity or adhoc?)’

Can anyone help? I haven’t ever seen this before, and am totally stuck.

Did you try using the AppStore profile?

In the app name at the top of Xcode you select “Edit Scheme” and then in the Archive Section - select AppStore. That should do the code signing of all the bundled libs correctly. ( At least last I tried in 0.11.2 ).

Otherwise you can manually code sign the app in the Terminal. I think the flags --force and --deep are needed for dylibs.

Hey Theo, thanks for the reply!

So yeah, I am using the AppStore profile. I have been a fair bit freaked out by this one, as you can imagine, and been doing a lot of reading around the topic…

I wonder if somehow the dynamic lib is being signed differently to the main app. I found this here, which suggests different Team IDs can cause this. What’s weird is, I am using my same Apple dev account as I always have… but still.

I followed the suggestion in that thread this morning, and opted out of library validation in the hardened runtime settings. This works!! And now the notarised app runs no problem. Phew, apple really had me going for a bit there.

But, I find this a deeply unsatisfying solution - I never had this issue before, and now I do? Hummmmmm. Would love to know what the base cause is, and how to fix it.

Still, tldr, for anyone else; toggle on the ‘Disable Library Validation’ option in Hardened Runtime, and it works.