Keepassxc: Apple cannot check if 2.5.0 is malicious software

Created on 27 Oct 2019 · 16Comments · Source: keepassxreboot/keepassxc

Expected Behavior

Just after updating to 2.5.0 and a trial of opening the application, maOS informs:

<<“KeePassXC.app” can’t be opened because Apple cannot check it for malicious software.
This software needs to be updated. Contact the developer for more information.
Safari downloaded this file today at 11:13 from github-production-release-asset-2e65be.s3.amazonaws.com.>>

Current Behavior

I cannot open the app.

Possible Solution

Previous version has been working well.

Steps to Reproduce

Context

Debug Info

KeePassXC - 2.5.0

Operating system: macOS Catalina 10.15

macOS

Source

JaroslawOnGitHub

👍2

Most helpful comment

See here: https://support.apple.com/en-us/HT202491

It works very well now. Thanks!
Have a good time ahead!

JaroslawOnGitHub on 27 Oct 2019

🎉3

All 16 comments

This does not happen with macOS Mojave 10.14.

varjolintu on 27 Oct 2019

After coming back to a previous version 2.4.3 the app works well again.

JaroslawOnGitHub on 27 Oct 2019

👍2

I just updated from 2.4.3 to 2.5 on Catalina (10.15) and it works fine.

beckerj on 27 Oct 2019

I'm having exactly the same issue. macOS Catalina here.

KamilRT on 27 Oct 2019

See here: https://support.apple.com/en-us/HT202491

droidmonkey on 27 Oct 2019

👍1

I had no problem with opening v2.5.0 under macOS Catalina

treee111 on 27 Oct 2019

See here: https://support.apple.com/en-us/HT202491

It works very well now. Thanks!
Have a good time ahead!

JaroslawOnGitHub on 27 Oct 2019

🎉3

Does it mean that we don't get fix for this as the case is closed? I mean is there any plans to get Apple to trust developers of the app?

heikkij on 1 Nov 2019

I noticed this also. You right click and select Open the first time and get the warning. Right click and select Open the second time and you get a different prompt and can open it.

chriscareycode on 1 Nov 2019

There is nothing to fix. This is just how Apple has decided to treat developers. Unless you release on the app store this is what you have to deal with unfortunately. Even though we sign the app with a paid certificate!!

droidmonkey on 1 Nov 2019

The only way to "fix" it is to get our app notarised somehow, which means throwing even more money at Apple. They make €99 a year of us already for doing absolutely nothing except letting their fully automated system generate a certificate for us.

phoerious on 1 Nov 2019

OK, I have understood that by paying 99 per a year includes possibility to have apps notarized..

heikkij on 1 Nov 2019

The other problem with notorization is that you have to wait for it to actually be done before you deploy since Apple actually signs your release package.

droidmonkey on 1 Nov 2019

Solution outlined on https://support.apple.com/en-us/HT202491 didn't work on one MacBook.

I found you can get round this by deleting the quarantine extended attribute on the application.

xattr -d com.apple.quarantine /Applications/KeePassXC.app

Then open as normal.

Ref: https://discussions.apple.com/thread/250425993

s01ipsist on 2 Nov 2019

The other problem with notorization is that you have to wait for it to actually be done before you deploy since Apple actually signs your release package.

You don't have to, it will check online at run time if you don't staple the package.

While annoying it's not hard to add it to your build scripts:

Run xcrun altool to notarize
Poll for notarization to finish with altool --notarization-info. This takes couple minutes
Staple the .app file to make it work offline (xcrun stapler)