发表新帖
发表新帖

Which certificate should I use to sign my Mac OS X application?

前端 未结
关注
2 814
失恋的感觉
失恋的感觉 2020-12-28 18:55

We are developing a Mac OS X application that we are going to distribute outside the Mac App Store. We ended up having these certificates in the Mac Developers program:

相关标签:
2条回答
  • 再見小時候
    2020-12-28 19:02

    For development (for example, the Debug configuratino) use the Mac Developer option, which will choose your local Mac Developer certificate (in your case "Mac Developer: José Fernández"), which is meant for team members working on your project (includes testing/debugging).

    For Release, use "Developer ID: *" which will pick the standard application release certificate used outside the AppStore, in your case "Developer ID Application: Carousel Apps. I recommend doing a final test/debug after codesigning to ensure it's working as expected.

    The way Xcode picks up certificates is by a simple substring matching.

    Apple Codesigning Certificate Types

    (Name, Type, Description)

    iOS Development

    • iPhone Developer: Team Member Name Used to run an iOS app on devices and use certain app services during development.

    iOS Distribution

    • iPhone Distribution: Team Name Used to distribute your iOS app on designated devices for testing or to submit it to the App Store.

    Mac Development

    • Mac Developer: Team Member Name Used to enable certain app services during development and testing.

    Mac App Distribution

    • 3rd Party Mac Developer Application: Team Name Used to sign a Mac app before submitting it to the Mac App Store.

    Mac Installer Distribution

    • 3rd Party Mac Developer Installer: Team Name Used to sign and submit a Mac Installer Package, containing your signed app, to the Mac App Store.

    Developer ID Application

    • Developer ID Application: Team Name Used to sign a Mac app before distributing it outside the Mac App Store.

    Developer ID Installer

    • Developer ID Installer: Team Name Used to sign and distribute a Mac Installer Package, containing your signed app, outside the Mac App Store

    enter image description here Once codesigned you can also simulate the launch behavior of your app when Gatekeeper is enabled from Terminal.app:

    spctl -a -v Carousel.app

./Carousel.app: accepted
source=Developer ID

    The Developer ID Application certificate allows your app to run with Gatekeeper on the setting "allow apps downloaded from Mac App Store and identified developers"

    0 讨论(0)
  • 被撕碎了的回忆
    2020-12-28 19:10

    To code sign via the terminal (if not using Xcode):

    codesign -s "Developer ID" -v Carousel.app # to sign with "Developer ID Application" for distribution

    codesign -s "Mac Developer" -v CarouselDebug.app # to sign with "Mac Developer:*" for testing

    spctl -a -v Carousel.app # to verify, look for "accepted"

    spctl -a -v CarouselDebug.app # to verify, look for "accepted"

    Codesign finds the correct certificate by looking for certificates in your keychain that have the -s string as a substring. If only more than one certificate matches, it will warn you and you can give a longer string.

    Reference: https://developer.apple.com/library/content/documentation/Security/Conceptual/CodeSigningGuide/Procedures/Procedures.html#//apple_ref/doc/uid/TP40005929-CH4-SW4

    0 讨论(0)
 看不清?
提交回复
热议问题