Few notes about Notary 2

Few notes about Notary 2.

Overall it’s easier to use than Notary 1, and seems more stable.

Today I tried to notarize a dmg with several applications.

Preflighting and signing with my script worked just fine.

When I tried to submit to Apple, I got a message that my app-specific password had expired. I went to AppleDeveloper and everything seemed fine, but I did have to agree to an updated developer agreement.

After doing that tried Notary again, same issue.

I couldn’t find the link for app-specific passwords on AppleDeveloper, so I did a search for SD Notary on the forum. All the results pointed to SC Notary 1.x.

The instructions there for App-specific passwords are outdated.

The search turned up an SD Notary questions topic and that pointed to an old 1.x post.

I poked around and found the SD Notary 2.0 link, and followed the instructions there for making a new app-specific password. I expected I’d have to enter that into SD Notary 2, but when I tried, it just worked. (HINT: You need to go to https://appleid.apple.com/account/home for the app-specific password, not Apple Developer)

So the short of it is:

  • Maybe explain in the notes that if the Developer Agreement is updated that may cause an app-specific password issue.
  • Please make sure that a search on the forum for SD Notary turns up the current version
  • Please make sure that the SD Notary search page points to the current version

Also, at this point I have two app-specific passwords linked to this Mac, but I wasn’t sure which one SD Notary is using and it took a bit to figure that out.

This Menu: File>Info For>UUID On Clipboard

Sent the app-specific password to the clipboard, which confirmed that the one I created today was current. Maybe make it clear that the UUID is the same as the app-specific password?

Even with these minor issues, the process of notarizing a folder full of apps for distribution is a piece of cake compared to the earlier version.


It sounds like you had the password on the clipboard.

You’re misunderstanding this command. This is for where you have the UUID of a submission you have made, and want to get further details. Here’s an example: click Fetch History, select and copy the id of a job listed there, then choose File -> Info For -> UUID on Clipboard.

So is there a way to see the app specific password in Notary (or anywhere else)?

No, it’s added to the login keychain under the name com.apple.gke.notary, and only notarytool can read it. That’s why the release notes suggest you keep a copy if you think you may need it again.

1 Like