Login/Register
What are the ways or technologies to sign an executable application file in mac os x environment?
Asked Answered
Solved macoscode-signingkeychain
O

1

6

I want to use self signed certificate to do signing of mac os executable like .app file or .ipa file for development purpose. I am not intending to publish the signed app in ios or mac app store. I want to develop this as a tool. So what are the options available?

I do not want to use "Xcode’s automatic code signing" as it is out of my development scope.

Ovenbird answered 12/10, 2019 at 17:44 Comment(0)
H
8

First you will need to generate your own certificate.

  1. open -a "Keychain Access"
  2. (MENU) Certificate Assistant > Create a Certificate
  3. Enter the Name (for example my-codesign-cert)
  4. Identity Type > Self Signed Root
  5. Certificate Type > Code Signing
  6. Check "Let me override defaults" & click Continue.
  7. Enter a unique Serial Number.
  8. Enter a big Validity Period (days), like 3560 & click Continue.
  9. Fill in your personal information & click Continue.
  10. Accept defaults for the rest of the dialog boxes.

Codesign your items

codesign -s my-codesign-cert /path/to/my/binary_executable

Self-generated code sign certificates should be used for internal development only.

Do not release thusly signed items into the wild.

Hoebart answered 13/10, 2019 at 12:21 Comment(7)
Hi, Thank you for your reply. Are you suggesting “codesign” command line tool is the only way to sign .app or .ipa file?Ovenbird
Im not sure what other command would codesign code besides codesign.Hoebart
Hi Richard,Thanks.Do you know or suggest any other technologies(except command line tools and xcode auto signing),preferably any api (swift or objective c) which will do the signing with the certificate(stored in keychain)?Ovenbird
No. Things that codesign are going to be exec("codesign"… calls anyhow.Hoebart
Hi,So is/are there any command/s which I can run in the terminal to create certificate instead of using GUI of Keychain access?Ovenbird
I want to pass my certificate name ,email address, organisation and other details in the command to create a self signed certificate.Ovenbird
@Prabal openssl can generate those.Hoebart

© 2022 - 2024 — McMap. All rights reserved.