1- Create a Bundle ID for your app
If you currently have a Mac product and have not already done so, you may be considering submission to the Mac App Store. In the upcoming series of posts, I will be detailing the process that we went through to get Pretty Good Solitaire Mac Edition, and some of our other game products, successfully submitted to MAS.
- This post has recently been updated and can be found here: How to Submit an App to the App Store Updated App submission is often an afterthought. But ensuring you submit your app to the App Store properly (a service included in our end-to-end development) is an important first step to ensure exposure and entice users to download.
- MacOS Catalina will soon be available to hundreds of millions of users around the world. With macOS Catalina, your Mac apps can take advantage of Sign in with Apple, Sidecar, and the latest advances in Core ML 3, and Metal. And with Mac Catalyst, you can bring your iPad apps to Mac. Build your apps using Xcode 11, test them on a Mac computer running the macOS Catalina GM seed, and submit them.
The very first step to be able to send a mac app to the appStore is to create a unique Bundle ID for it:
- go to your Apple Developer Account
- click Certificates, IDs & Profiles
- select macOS in the top-left dropdown list
- click on App IDs under the Identifiers menu
- click the + sign on the upper-right part of the screen
- give a description to your app, choose Explicit App ID and enter a Bundle ID (usually something like com.domain.appname)
- click Continue and then Register
2- Create your developer certificates
You need two types of certificate as a developer to submit an app to the mac appStore:
- click Certificates, IDs & Profiles
- select macOS in the top-left dropdown list
- click on All under the Certificates menu
- click the + sign on the upper-right part of the screen
- in the Production section choose Mac App Store
- in the next page select Mac App Distribution, click Continue
- create your Certificate Signing Request as indicated, click Continue
- load your CSR file and download the generated certificate
In addition to the Mac App Distribution certificate, one also need a Mac Installer Distribution certificate. You need to perform the same steps as previously and select Mac Installer Distribution on step 5.
All your certificates should be ready now.
3- Package your Electron app
It is now time to prepare your app for the submission. You first need to install electron-packager. This module will be helpful to create the .app and package everything we need. To install :
And then run:
Change ELECTRON_VERSION to the correct version of Electron installed in your machine (run “electron -v” if you are not sure).
This will create your appName.app in a new folder named mas-build. This is usually enough if you want to distribute your app. However, a few more steps are required to submit it properly to the appStore.
As you can see, you also need the .icns file with the requested icon format. You can check here to see how to prepare the perfect .icns.
4- Sign your app
You need then to sign your app, so everybody knows it’s coming from a trustworthy developer 😉
The codesign command already exists by default on mac, you will use it to sign your app. Run the following command by properly adding the name of your certificate and the correct path to your appName.app.
5-Prepare additional files
5.a- Update the Info.plist
Your app is now signed. The next step is to find your appName.app, right-click and select Show Package Contents.
Go to the Contents folder and open the Info.plist file with a text editor (not Xcode).
Add the following code
Just before
Here you need to replace TEAM_ID with your teamID, you can find it on your Apple developer account (click Membership then you’ll see a row named Team ID).
5.b- Add child.plist and parent.plist
Create the two following files with the corresponding content:
- child.plist
- parent.plist
Replace TEAM_ID by your Team ID and your.bundle.id by the unique Bundle ID of your app (we previoudly used com.domain.appname).
6- Create a .pkg of your app
Create a new file and name it packageAppStore.sh with the following content.
You need to do some changes on this file on the first lines:
- l4: change YourApp.app by the name of your app (with the .app extension), in our case appName.app
- l6: change /path/to/YourApp.app to the path to your appName.app
- l8: change ~/Desktop/$APP.pkg to the directory where you want to save your final .pkg, don’t modify the $APP.pkg part
- l10 and l11: Enter the corresponding names of your two certificates
- l13: change /path/to/child.plist to the path to your child.plist file
- l14: change /path/to/parent.plist to the path to your parent.plist file
Finally, run the following command to generate your appName.pkg :
7- Launch Application Loader and load the .pkg
If you already installed Xcode, you should also have an application called Application Loader. Launch Application Loader and login with your account. You might need to get an app specific password, for this connect to appleid.apple.com and click Generate Passwords… on the APP-SPECIFIC-PASSWORDS section. Enter a Label (for example Application Loader) and copy paste the code to the Application Loader app.
Click Choose and select the freshly generate appName.pkg. This should automatically identify your app based on the Bundle ID.
Finish the whole process of uploading your app.
8- Complete your app information
You app build should be available on your iTunesConnect account soon. In the meantime, you need to complete the information about your app. Once done, you can select the build that you want to upload to the appStore and click Submit.
9- Some potential issues
Mac App Store Submission Guidelines
If you submitted the .pkg file but it does not appear on itunesConnect, check your email. If you received something like:
Invalid Signature – The executable at path appName.app/Contents/Resources/app/node_modules/robotjs/build/Release/robotjs.node has following signing error(s): code object is not signed at all In architecture: x86_64 . Refer to the Code Signing and Application Sandboxing Guide at http://developer.apple.com/library/mac/#documentation/Security/Conceptual/CodeSigningGuide/AboutCS/AboutCS.html and Technical Note 2206 at https://developer.apple.com/library/mac/technotes/tn2206/_index.html for more information.
You need to sign the different modules mentioned in this email. For that, just do as follow for each module:
Voilà 🙂 You can now enjoy some coffee while waiting for the review. Congratulations!
Source: https://electron.atom.io/docs/tutorial/mac-app-store-submission-guide/
We can work together
Share this post on social media:
Since v0.34.0, Electron allows submitting packaged apps to the Mac App Store(MAS). This guide provides information on: how to submit your app and thelimitations of the MAS build.
Note: From v0.36.0 there was a bug preventing GPU process to start afterthe app being sandboxed, so it is recommended to use v0.35.x before this buggets fixed. You can find more about this in issue #3871.
Note: Submitting an app to Mac App Store requires enrolling Apple DeveloperProgram, which costs money.
How to Submit Your App
The following steps introduce a simple way to submit your app to Mac App Store.However, these steps do not ensure your app will be approved by Apple; youstill need to read Apple's Submitting Your App guide onhow to meet the Mac App Store requirements.
Get Certificate
To submit your app to the Mac App Store, you first must get a certificate fromApple. You can follow these existing guides on web.
Sign Your App
After getting the certificate from Apple, you can package your app by followingApplication Distribution, and then proceed tosigning your app. This step is basically the same with other programs, but thekey is to sign every dependency of Electron one by one.
First, you need to prepare two entitlements files.
child.plist:
parent.plist:
And then sign your app with the following script:
If you are new to app sandboxing under OS X, you should also read throughApple's Enabling App Sandbox to have a basic idea, thenadd keys for the permissions needed by your app to the entitlements files.
Upload Your App and Submit for Review
After signing your app, you can use Application Loader to upload it to iTunesConnect for processing, making sure you have created a recordbefore uploading. Then you can submit your app for review.
Limitations of MAS Build
In order to satisfy all requirements for app sandboxing, the following moduleshave been disabled in the MAS build:
crashReporterautoUpdater
and the following behaviors have been changed:
- Video capture may not work for some machines.
- Certain accessibility features may not work.
- Apps will not be aware of DNS changes.
Also, due to the usage of app sandboxing, the resources which can be accessed bythe app are strictly limited; you can read App Sandboxing formore information.
Cryptographic Algorithms Used by Electron
Depending on the country and region you are located, Mac App Store may requiredocumenting the cryptographic algorithms used in your app, and even ask you tosubmit a copy of U.S. Encryption Registration (ERN) approval.
Mac App Store Online
Electron uses following cryptographic algorithms:
- AES - NIST SP 800-38A, NIST SP 800-38D, RFC 3394
- HMAC - FIPS 198-1
- ECDSA - ANS X9.62–2005
- ECDH - ANS X9.63–2001
- HKDF - NIST SP 800-56C
- PBKDF2 - RFC 2898
- RSA - RFC 3447
- SHA - FIPS 180-4
- Blowfish - https://www.schneier.com/cryptography/blowfish/
- CAST - RFC 2144, RFC 2612
- DES - FIPS 46-3
- DH - RFC 2631
- DSA - ANSI X9.30
- EC - SEC 1
- IDEA - 'On the Design and Security of Block Ciphers' book by X. Lai
- MD2 - RFC 1319
- MD4 - RFC 6150
- MD5 - RFC 1321
- MDC2 - ISO/IEC 10118-2
- RC2 - RFC 2268
- RC4 - RFC 4345
- RC5 - http://people.csail.mit.edu/rivest/Rivest-rc5rev.pdf
- RIPEMD - ISO/IEC 10118-3
Mac App Store Submission Software
On how to get the ERN approval, you can reference the article: How to legallysubmit an app to Apple’s App Store when it uses encryption (or how to obtain anERN).