Which certificate should I use to sign my Mac OS X application?

Question

We are developing a Mac OS X application that we are going to distribute outside the Mac App Store. We ended up having these certificates in the Mac Developers program:

Answer 1

To code sign via the terminal (if not using Xcode):

codesign -s "Developer ID" -v Carousel.app # to sign with "Developer ID Application" for distribution

codesign -s "Mac Developer" -v CarouselDebug.app # to sign with "Mac Developer:*" for testing

spctl -a -v Carousel.app # to verify, look for "accepted"

spctl -a -v CarouselDebug.app # to verify, look for "accepted"

Codesign finds the correct certificate by looking for certificates in your keychain that have the -s string as a substring. If only more than one certificate matches, it will warn you and you can give a longer string.

Reference: https://developer.apple.com/library/content/documentation/Security/Conceptual/CodeSigningGuide/Procedures/Procedures.html#//apple_ref/doc/uid/TP40005929-CH4-SW4