On Sat, Nov 20, 2021 at 01:38:39PM +1100, Grahame Grieve wrote: > I agree it's sure not a core openSSL issue. But surely lots of people > want to use openSSL in cross platform apps and openSSL is interested > in adoption issues? Most of the users here are building applications that are not notarised, and so work with the upstream builds. > Anyway, it looks like I now have to figure out how to maintain a > custom build of openSSL :-( It shouldn't be too difficult to execute the build, once you've figured out the actual requirements. Apparently you need to make sure that signed code has very explicit dependencies, which makes some sense, so the libraries bundled with the application need to be built in a way that can be verified along with the application. My best guess is that Apple are not specifically picking on OpenSSL here, and similar issues would arise with any other libraries you'd want to package with your application. Good luck. Feel free to share your findings. Perhaps someone will then help you find a way to improve on them, or to add a template to the build to support this going forward... -- Viktor.