How to codesign an existing Mac OS X .app file for gatekeeper?

Question

I paid the $99 to get a developer license w/ Apple. Installed Xcode 4.3. Went to the Organizer and "Provisioning Profiles" and refreshed to download my code signing certificate. Checked my Keychain Access and confirmed that I have "3rd Party Mac Developer ", "Developer ID" and "Mac Developer *" certificates.

At this point the documentation from apple mentioned pulling up your project files. I'm using Wineskin to package my Windows application, so I don't have an Xcode project. I have a .app file produced my Wineskin. I'd like to codesign the .app file that Wineskin produced for me.

I tried: codesign -s "certificate name" /path/to/my.app

I tried all the possible certificate names that had my name and the word "Application" in them from my Keychain Access.

Every time I get the error "/path/to/my.app: object file format unrecognized, invalid, or unsuitable"

Any idea on how to get past this error? Am I even attempting the proper command? Or is there a different way I should go?

Answer 1

To summarize the comments to my questions, here are the commands I run to sign my .app file for Gatekeeper:

export CODESIGN_ALLOCATE="/Applications/Xcode.app/Contents/Developer/usr/bin/codesign_allocate"
codesign --force --sign "Developer ID Application: <my name>" /path/to/my.app

Thanks, Gordon Davisson and JWWalker!

(edit) If this fails, I realize that installing the "Command Line Tools" from within XCode was needed.

EDIT: To verify

$ codesign -dv --verbose=4 my.app

In Apple ID account make sure you have few types of certificate?

Answer 2

Make sure you have a valid developer certificate and a private key in your keychain. If you have some problems with it, the certificate should be revoked via developer.apple.com and generated from the scratch (XCode > Accounts > Manage Certificates).

Then you can use codesign:

codesign --force --deep --sign "Apple Development: FirstName LastName (XXXXXXXXXX)" /Applications/ApplicationName.app