发表新帖
发表新帖

How can I codesign an app without being in the mac developer program?

前端 未结
关注
3 1543
青春惊慌失措
青春惊慌失措 2021-01-03 13:40

When I try the following:

mba:Utilities ryan$ sudo codesign -fs /Applications/Utilities/Boot\\ Camp\\ Assistant.app/

I get this error:

相关标签:
3条回答
  • 粉色の甜心
    2021-01-03 14:31

    You need to create a self-signed certificate.

    1. Open Keychain Access.
    2. Choose Keychain Access > Certificate Assistant > Create Certificate ...
    3. Enter a name
    4. Set 'Certificate Type' to 'Code Signing'

    Then, your command should look like this, if your certificate name is my-new-cert:

    sudo codesign -fs my-new-cert /Applications/Utilities/Boot\ Camp\ Assistant.app

    This works on OS X 10.10 Yosemite.

    Instructions from here: http://support.apple.com/kb/PH7173

    0 讨论(0)
  • 暗喜
    2021-01-03 14:34

    Although I can't understand why you are trying to resign the Boot Camp Assistant, you can use the codesign tool with a self-signed CA and identity.

    Apple has steps to do so in their developer documentation TN2206: OS X Code Signing In Depth.

    0 讨论(0)
  • 小蘑菇
    2021-01-03 14:35

    If you need to create a self-signed certificate using the openssl command line and use it for signing you can do this:

    1) Create the spaghetti.software.extensions configuration file with the following content: 

    [ ca ] 

default_ca = CA_default 

[ req ] 

distinguished_name = req_distinguished_name 

x509_extensions = v3_ca 

#req_extensions = v3_req 

[req_distinguished_name ] 

CN = spaghetti.software.com 

[ CA_default ] 

x509_extensions = usr_cert 

[ usr_cert ] 

[ v3_ca ] 

basicConstraints = critical, CA:FALSE 

keyUsage = critical, cRLSign, digitalSignature, keyCertSign 

extendedKeyUsage = critical, serverAuth, clientAuth, codeSigning, emailProtection

    2) Run the following commands to create the certificate and pack both the certificate and the key in a .p12 file (PKCS12): 

    openssl req -subj '/CN=spaghetti.software.com' -config spaghetti.software.extensions -x509 -newkey rsa:4096 -keyout selfSignedKey.pem -out selfSigned.pem -days 365 


openssl pkcs12 -export -out spaghetti.software.p12 -inkey selfSignedKey.pem -in selfSigned.pem

    3) Create a new .keychain file and import the spaghetti.software.p12 file into the keychain (I believe you can do this with the command line as well if you don't want to use the Keychain Access application).

    4) Then you can use the certificate to sign: 

    codesign -s "spaghetti.software.com" --force <binaryToSign>

    You can add --keychain <MyKeyChain.keychain> if needed.

    0 讨论(0)
 看不清?
提交回复
热议问题