Hi!
I've been reading about how the Signing and Certificates work for macOS applications to be distributed outside the App Store, and I had some doubts in regards to the use of the Developer ID Application Certificate.
Can the same Developer ID Application Certificate be used to sign and distribute more than one application?
Or is there some sort of bond established between an individual Certificate and an app's bundle Identifier? ( either it be in the Code Signing or the Notarize step of distributing the app )
I assume that's not the case, but I don't fully understand how the relationship between the certificate and the apps being signed work; and I have read that an account its limited to a maximum of 5 Developer ID Certificates.
Any information on the subject would be appreciated, Thanks!
I've been reading about how the Signing and Certificates work for macOS applications to be distributed outside the App Store, and I had some doubts in regards to the use of the Developer ID Application Certificate.
Can the same Developer ID Application Certificate be used to sign and distribute more than one application?
Or is there some sort of bond established between an individual Certificate and an app's bundle Identifier? ( either it be in the Code Signing or the Notarize step of distributing the app )
I assume that's not the case, but I don't fully understand how the relationship between the certificate and the apps being signed work; and I have read that an account its limited to a maximum of 5 Developer ID Certificates.
Any information on the subject would be appreciated, Thanks!
Absolutely. A Developer ID identifies a team, not a specific app.Can the same Developer ID Application Certificate be used to sign and
distribute more than one application?
In some cases it’s necessary to identify an app within a team, and that’s what a provisioning profile does. It bonds together an set of certificates (for Developer ID, this is just your Developer ID Application certificate), a set of devices (for Developer, this is “all Macs”), and a set of allowed entitlements. The latter includes the com.apple.application-identifier entitlement which identifies a specific app.
Note that, while you can only have a limited number of Developer ID signing identities, there’s no limit to the number of provisioning profiles you can create. And you only need a provisioning profile in specific circumstances. Many Developer ID apps ship without them.
Unless something goes wrong, most teams should create at most one Developer ID Application and Developer ID Installer signing identity.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
