We are developing a Mac OS X application that we are going to distribute outside the Mac App Store. We ended up having these certificates in the Mac Developers program:
and when I go to select one for signing the application, I find this:
Am I correct in that I should use Developer ID: *
for Debug? Will that allow developers that don’t have my company’s certificate to sign the application to be able to run it locally?
What certificate should I use for Release?
CSR (Certificate Signing Request) The CSR needs to be sent to the certificate authority (CA), which is Apple for the iOS platform. Apple then confirms the developer's identity and issues a certificate to the developer.
A signing certificate is the first requirement you need in order to be able to sign apps for installation on iOS devices. Specifically, you need a development certificate, which lets an individual install and run an app on a device.
To distribute mac app outside app store, you need Developer ID Installer certificate. To subbmit your app to app store, you need Mac Installer Distribution certificate. All team members can create their own development certificate. Only a team agent or admin can create a distribution certificate.
For development (for example, the Debug configuratino) use the Mac Developer
option, which will choose your local Mac Developer certificate (in your case "Mac Developer: José Fernández"), which is meant for team members working on your project (includes testing/debugging).
For Release, use "Developer ID: *" which will pick the standard application release certificate used outside the AppStore, in your case "Developer ID Application: Carousel Apps. I recommend doing a final test/debug after codesigning to ensure it's working as expected.
The way Xcode picks up certificates is by a simple substring matching.
(Name, Type, Description)
iOS Development
iOS Distribution
Mac Development
Mac App Distribution
Mac Installer Distribution
Developer ID Application
Developer ID Installer
Once codesigned you can also simulate the launch behavior of your app when Gatekeeper is enabled from Terminal.app
:
spctl -a -v Carousel.app
./Carousel.app: accepted
source=Developer ID
The
Developer ID Application
certificate allows your app to run withGatekeeper
on the setting "allow apps downloaded from Mac App Store and identified developers"
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With