-
Notifications
You must be signed in to change notification settings - Fork 153
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to to update with updater due to UnexpectedKeyId
#950
Comments
can you share your tauri-action config? And maybe also the list of uploaded assets 🤔 Were you able to find the matching .sig file (that was used in latest.json)? |
Hi Fabian, of course. Here it is:
Yes, I build my own backend, which delivers the latest.json and does the correct wiring for the signatures. In needed this anyway to be able to identify beta users. |
|
okay no, something is broken. If i first run the ci without the config, then re-run it with the config (targeting the same release), something breaks. If i run it with the config without an existing release to overwrite the json is correct (though still writing all 3 fields, not sure if that's how i intended it back then) |
Thanks Fabian for checking in! |
I spend a whole day, trying to figure out, what is going on. And finally - I hope - I found the issue.
I was trying to update my app on Mac, which always returned a "UnexpectedKeyId". This sounded for me like a wrong signature. I thought, I used the wrong
TAURI_SIGNING_PRIVATE_KEY
orTAURI_SIGNING_PRIVATE_KEY_PASSWORD
. But everything seem to be correct. Thetauri.conf.json
is configured to my github projecthttps://github.com/<user>/<app>/releases/latest/download/latest.json
.After checking my Windows updates, there seemed to be no issue at all. So it can't be the keys. I started my own local server, created a latest.json and used the
my_app_universal.app.tar.gz.sig
as my signature and it worked on mac too.So it looks like the signature of the
darwin-aarch64
inside of thelatest.json
is not matching with themy_app_universal.app.tar.gz.sig
. They are different.Am I configuring something wrong or is this a bug?
I am using
tauri-apps/tauri-action@v0
tauri-plugin-updater = "2.0.2"
tauri 2.0.6
The text was updated successfully, but these errors were encountered: