Signing a Package in MAC

Question

I have a C++ code which I build on Netbeans (8.0.1) on MAC OSX 10.10.

Now I want to package this binary so I'm using PackageMaker. Once the build on PackageMaker finishes it asks to sign it, I clicked 'Allow'.

Then I open terminal and checked if the package was signed successfully, and I got:

codesign -v G16.pkg
G16.pkg: code object is not signed at all.

I login the apple developer "Certificates, Identifiers & Profiles" page and I have:

• 2 Developer ID Application certificate
• 4 Developer ID Installer
• 1 Mac App Distribution
• 1 Mac Development
• 1 Mac Installer Distribution

In the KeyChain I have 1 certificate under "My certificate" and 6 under "Certificate".

So my questions are:

1. What are the differences between all the certificate?
2. Which certificate do I need to use?
3. What do I do wrong?

Please help me!!! thanks :)

Answer 1

codesign is for signing of applications (not installers). You should use productsign to sign pkg files. The certificate you should be using is "Developer ID Installer". (Full name of your certificate as shown in your keychain)

productsign --sign 'Developer ID Installer: Vikrams' 'pkg_path/temp.pkg' 'pkg_path/signed_temp.pkg'