Newbie question of Code Signing

I am working on a Mac application that cannot work on "sandboxing" environment. My app is dealing with file system etc.

Question I have is, will I need Code Signing Cert? Do we need EV Code Signing Cert - to reduce the number of errors ? If someone can list general app signing requirement, it will be great. Also pls let me know best place to acquire such certs?

Accepted Reply

So, some factoids:

  • The Mac App Store requires sandboxing. If your app is incompatible with the App Sandbox, you can’t ship it on the Mac App Store.

  • Fortunately, the Mac supports independent distribution using Developer ID signing.

  • Tasks that involve “dealing with file system” are often feasible in a sandboxed app. If you want input as to whether your app is really incompatible with the App Sandbox, please post more details about what it’s doing.

  • You will need to sign your code. For day-to-day development I recommend signing with an Apple Development signing identity. For distribution you’ll need either an Apple Distribution signing identity, for the Mac App Store, or Developer ID Application, for independent distribution.

  • To get a distribution signing identity you must just the Apple Developer Program as a paid member.

  • If you’re building your app outside of Xcode, see Creating Distribution-Signed Code for Mac.

  • Also see Packaging Mac Software for Distribution.

  • Also see my Code Signing Resources post for a bunch of other docs.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Add a Comment

Replies

So, some factoids:

  • The Mac App Store requires sandboxing. If your app is incompatible with the App Sandbox, you can’t ship it on the Mac App Store.

  • Fortunately, the Mac supports independent distribution using Developer ID signing.

  • Tasks that involve “dealing with file system” are often feasible in a sandboxed app. If you want input as to whether your app is really incompatible with the App Sandbox, please post more details about what it’s doing.

  • You will need to sign your code. For day-to-day development I recommend signing with an Apple Development signing identity. For distribution you’ll need either an Apple Distribution signing identity, for the Mac App Store, or Developer ID Application, for independent distribution.

  • To get a distribution signing identity you must just the Apple Developer Program as a paid member.

  • If you’re building your app outside of Xcode, see Creating Distribution-Signed Code for Mac.

  • Also see Packaging Mac Software for Distribution.

  • Also see my Code Signing Resources post for a bunch of other docs.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Add a Comment

OK, it seems that this thread has turned into a spam magnet so I want to be crystal clear about something: Third-party code signing certificates are not supported by Apple’s platforms. To sign code for our platforms [1] you need a signing certificate issued by Apple.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] And by this I mean:

  • To submit an app to App Store.

  • To independently distribute a Mac app in a way that satisfies Gatekeeper.