Apple's Gatekeeper has stricter requirements for signed-applications in Mac OS X 10.9 Mavericks; one of the new requirements is that all subcomponents of a signed-application must also be signed. The way to accomplish this with a 4D merged application is to use the --deep parameter to the codesign command when signing.
Another thing that developers should consider is omitting specific files from their signed-applications seal. Any folders or files that the developer knows will be modified at runtime (or after installation) should be omitted from the seal. Apple has an article that covers how to omit files from the seal here:
https://developer.apple.com/library/mac/technotes/tn2206/_index.html
Here is an example for the Client application (to omit the folder containing the EnginedServer.4dlink file) create an plist file with this contents:
| <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>rules</key> <dict> <key>/Contents/Database/*</key> <dict> <key>omit</key> <true/> <key>weight</key> <real>10</real> </dict> </dict> </dict> </plist> |
Then sign the client application like this:
| codesign -f --deep --resource-rule=/path/to/resource/plist/file/from/above -s "Developer ID Application: YOUR NAME" "Yourapp Client.app" |
An example for the server application (to omit the folder containing the structure, indexes, logs, plugins, components, etc) create a plist file like this:
| <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>rules</key> <dict> <key>/Contents/Server Database/*</key> <dict> <key>omit</key> <true/> <key>weight</key> <real>10</real> </dict> </dict> </dict> </plist> |
Then sign your server application like this:
| codesign -f --deep --resource-rule=/path/to/resource/plist/file/from/above -s "Developer ID Application: YOUR NAME" "Yourapp Server.app" |