我应该使用哪个证书来签署我的 Mac OS X 应用程序? [英] Which certificate should I use to sign my Mac OS X application?

问题描述

我们正在开发一个 Mac OS X 应用程序，我们将在 Mac App Store 之外分发该应用程序.我们最终在 Mac 开发者计划中获得了这些证书:

当我选择一个来签署申请时，我发现:

我应该使用 Developer ID: * 进行调试是否正确?这是否允许没有我公司证书的开发人员签署应用程序以便能够在本地运行它?

我应该使用什么证书来发布?

解决方案

对于开发(例如，Debug configuratino)使用 Mac Developer 选项，它将选择您本地的 Mac Developer 证书(在您的案例Mac 开发人员:José Fernández")，适用于从事您项目的团队成员(包括测试/调试).

对于发布，请使用开发人员 ID:*"，这将选择 在 AppStore 之外使用的标准应用程序发布证书，在您的情况下为开发者 ID 应用程序:轮播应用程序.我建议进行最终测试/debug 在代码设计后确保它按预期工作.

Xcode 获取证书的方式是通过简单的子字符串匹配.

Apple 代码设计证书类型

(名称，类型，描述)

iOS 开发

• iPhone 开发人员:团队成员姓名 用于在设备上运行 iOS 应用并在开发过程中使用某些应用服务.

iOS 分发

• iPhone 分布:团队名称 用于分发您的 iOS 应用程序指定设备进行测试或提交到 App Store.

Mac 开发

• Mac 开发人员:团队成员名称 用于启用某些应用服务在开发和测试期间.

Mac 应用分发

• 第 3 方 Mac 开发者应用程序:团队名称 用于签署 Mac 应用程序在将其提交到 Mac App Store 之前.

Mac 安装程序分发

• 3rd Party Mac Developer Installer:团队名称用于签名和提交一个 Mac 安装程序包，包含您签名的应用程序，到 Mac 应用程序商店.

开发者 ID 应用程序

• Developer ID Application:团队名称之前用于签署 Mac 应用程序在 Mac App Store 之外分发.

开发者 ID 安装程序

• Developer ID Installer:团队名称 用于签署和分发 Mac安装程序包，包含您已签名的应用程序，位于 Mac 应用程序之外商店

代码签名后，您还可以在从 Terminal.app 启用 Gatekeeper 时模拟应用程序的启动行为:

spctl -a -v Carousel.app./Carousel.app:接受来源=开发者 ID

<块引用>

Developer ID Application 证书允许您的应用运行Gatekeeper 设置 允许从 Mac App Store 下载应用程序和确定的开发者"

We are developing a Mac OS X application that we are going to distribute outside the Mac App Store. We ended up having these certificates in the Mac Developers program:

and when I go to select one for signing the application, I find this:

Am I correct in that I should use Developer ID: * for Debug? Will that allow developers that don’t have my company’s certificate to sign the application to be able to run it locally?

What certificate should I use for Release?

解决方案

For development (for example, the Debug configuratino) use the Mac Developer option, which will choose your local Mac Developer certificate (in your case "Mac Developer: José Fernández"), which is meant for team members working on your project (includes testing/debugging).

For Release, use "Developer ID: *" which will pick the standard application release certificate used outside the AppStore, in your case "Developer ID Application: Carousel Apps. I recommend doing a final test/debug after codesigning to ensure it's working as expected.

The way Xcode picks up certificates is by a simple substring matching.

Apple Codesigning Certificate Types

(Name, Type, Description)

iOS Development

• iPhone Developer: Team Member Name Used to run an iOS app on devices and use certain app services during development.

iOS Distribution

• iPhone Distribution: Team Name Used to distribute your iOS app on designated devices for testing or to submit it to the App Store.

Mac Development

• Mac Developer: Team Member Name Used to enable certain app services during development and testing.

Mac App Distribution

• 3rd Party Mac Developer Application: Team Name Used to sign a Mac app before submitting it to the Mac App Store.

Mac Installer Distribution

• 3rd Party Mac Developer Installer: Team Name Used to sign and submit a Mac Installer Package, containing your signed app, to the Mac App Store.

Developer ID Application

• Developer ID Application: Team Name Used to sign a Mac app before distributing it outside the Mac App Store.

Developer ID Installer

• Developer ID Installer: Team Name Used to sign and distribute a Mac Installer Package, containing your signed app, outside the Mac App Store

Once codesigned you can also simulate the launch behavior of your app when Gatekeeper is enabled from Terminal.app:

spctl -a -v Carousel.app

./Carousel.app: accepted
source=Developer ID

The Developer ID Application certificate allows your app to run with Gatekeeper on the setting "allow apps downloaded from Mac App Store and identified developers"

这篇关于我应该使用哪个证书来签署我的 Mac OS X 应用程序?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！