Hi,
We're using cURL to communicate with a server with mutual authentication (server and client-side certificates). The application runs on OS X 10.7 and newer. We're using CLion, not XCode for development.
Before we signed our binary the following dialog popped up every time we did client side authentication via (CURLOPT_SSLCERT)
http://i.stack.imgur.com/IAjtV.png
Once signed, the dialog is not shown on 10.8 or newer. However, when on OS X 10.7 the dialog is shown despite the binary being signed, but now with only the text "Do you want to allow access to this item?"
We sign the binary as follows (the .pfx used for codesigning is previously imported into the keychain):
> codesign -s "Our Identifier" path/to/binaryfile
When running (both on 10.7 and 10.11)
> codesign --verify -v path/to/binary
The result is
> binaryname: valid on disk
> binaryname: satisfies its Designated Requirement
So it seems the code signing is valid also on 10.7 - is this just different behavior on OS X's part? Can it be circumvented like in newer versions?
Thanks,