for a few months we have a problem with uploading our app (shifts) to the appstore.
We’ve updated our app to work again with nextcloud version 25/26. Since we lost access to our old certificate, we requested a new one and signed our release with it:
openssl dgst -sha512 -sign priv.key ./myapp.tar.gz | openssl base64
When we try to upload the release with the generated signature we always get the following error:
Signature is invalid: [(‘rsa routines’, ‘rsa_ossl_public_decrypt’, ‘data too large for modulus’)].
The tarball is around 8MB in size. We use the github link to the release atrifact (https://github.com/csoc-de/Shifts/releases/download/v1.9.0/shifts-1.9.0.tar.gz)
I can generate the signature localy with
openssl dgst -sha512 -sign priv.key -out sign.pem ./myapp.tar.gz and successfully verify it with
openssl dgst -sha512 -verify pub.key -signature sign.pem ./my.tar.gz.
Does anyone know where this error come from and how to fix it?