Just received my Pro in the mail, went to install the app, Catalina refuses with message:
“Nitrokey App v1.4.app” can’t be opened because Apple cannot check it for malicious software.
This software needs to be updated. Contact the developer for more information.
Homebrew Cask downloaded this file today at 19:41 from www.nitrokey.com .
(I’ve tried both Homebrew and downloaded versions - same result.
Is it only the installation or can you not open the App after installation ?
I just tried 1.3.2 with Firmware 0.54 on a Storage 1 and this works under macos 10.15.1 - maybe you want to try that version as a quick workaround in case it is not an installation problem.
Oops. You’re right. It installs perfectly. It’s when I try to open the app that it complains about Apple being unable to scan it etc.
Sorry about that,
Ok, have you tried to ctrl-click (right-click) on the App ? You will get the context menu, which has also a possibility to “Open”. If you choose this, the former dialog will give you the possibility to open the App without verification. Then you should be also able to use 1.4.x
The warning you received is specific to macOS GateKeeper. Upon accessing a newly installed app, GateKeeper will first check if the app was signed using a valid developer key. This was the expected behavior in Mojave. Next, GateKeeper will check if the app has been notarized. Notarization is a process whereby a developer submits their app to be virus scanned (and other automated checks performed) by Apple.
Long story short, @Peacekeeper is correct in suggesting you to use ctrl-click.
Also, you might open
System Preferences.app and select
Security & Privacy. Then select the General tab. Your blocked app will appear under
Allow apps downloaded from:. Specifically, mine was listed as:
"Nitrokey App v1.4.app" was blocked from use because it is not from an identified developer." When trying to open it, outside of Gatekeeper, it gave me the same message as you first described.
Exactly, as previous replies mentions, the Nitrokey App was not notarized yet, which is required by macOS 10.15. This is planned though, and hopefully 1.4 and 1.3.2 will not require additional actions to open.
Still, all the released binaries for macOS are code-signed with our developer key, which should confirm its genuity. It can be cross-validated indirectly as well (by SHA value) with the GPG signature.
@nitroalex Can you add please description about this case to the download page?
PS Sorry for the late reply.
Thank you for the explanation. Makes sense. I’ll follow the suggestions.