Non-Apple Issued Code Signing Certificate: Can it Work with Mac OS 10.8 Gatekeeper?

code-signing osx-mountain-lion osx-gatekeeper
GNat picture GNat · Aug 6, 2012 · Viewed 12.9k times · Source

Our company develops our application for both OS X and Windows. We have an existing purchased code signing certificate from a non-Apple authority we use to ID our Windows installers. We distribute both our DMGs & MSIs through our own company website.

The code signing guide for Mountain Lion's new Gatekeeper feature seems to imply that a non-Apple issued standard certificate would work. I could misinterpreting what "third-party" means in this case.:

Note: Apple uses the industry-standard form and format of code signing certificates. Therefore, if your company already has a third-party signing identity that you use to sign code on other systems, you can use it with the OS X codesign command...

Is it possible to use this non-Apple certificate, and if so, how could it be incorporated using the command line "codesign" command?

Answer

Agent86 picture Agent86 · Jul 26, 2013

Cannot take credit for this, but the blunt answer is:

NO

I just spent a good three days converting certificates and searching the internets to find these:

http://successfulsoftware.net/2012/08/30/how-to-sign-your-mac-os-x-app-for-gatekeeper/ http://www.panic.com/blog/2012/02/about-gatekeeper/ http://arstechnica.com/apple/2012/02/developers-gatekeeper-a-concern-but-still-gives-power-users-control/

Related questions

Java applet with self-signed certificate on OS X Mountain Lion

We have a Java applet that needs to run with full trust. While developing and during pre-release tests we sign it using a self-signed certificate (the production version is signed with a real code signing certificte). But when we try …

Read More
How to sign a Mac OS X application in Linux?

For OS X, I distribute my Java application inside a DMG. Since Mountain Lion's release, opening the app gives the following error message: [app name] is damaged and couldn't be opened. You should eject the disk image. Apparently the fix …

Read More
Code signing is required for product type 'Application' in SDK 'iOS 10.0' - StickerPackExtension requires a development team error

I am facing the below issue and am unable to build the application. XXX has conflicting provisioning settings. XXX is automatically provisioned, but provisioning profile WildCard has been manually specified. Set the provisioning profile value to "Automatic" in the build …

Read More