Gatekeeper signing for OSX DMGs outside of OSX/XCode/Mac App Store?

psychotik picture psychotik · Mar 16, 2012 · Viewed 7.2k times · Source

From looking at notes for the upcoming OSX version (the one after OSX Lion), it appears that all DMGs/installers need to be signed, even if not distributed via the Mac App store.

I couldn't find a command-line tool to do this signing though, or much documentation about obtaining a signing cert without submitting to the App Store.

Can someone shed light on: 1) How to obtain a certificate without distributing you app via the Mac App Store? 2) How to sign a DMG without using built-in XCode tools (preferable a cross-platform tool)?

Thanks!

Answer

Yahia picture Yahia · Apr 14, 2012

Codesigning is described in detail here and here - basically you need to obtain a cert and then you can sign your application... AFAIK there is currently no official docs on signing the DMG itself. As for your second question (cross-platform signing) there no such tool available (at least none that is officially supported by Apple). As for information regarding future OS X version(s) I highly recommend asking on the proper Apple-Forums (usually there are also forums for NDA-related things).