Djo*_*vic 4 macos installer certificate package osx-gatekeeper
我有一个Mac应用程序,我使用终端的'productsign'命令签名
productsign --sign "3rd Party Mac Developer Installer: My company (dasdfjkaj)" InstallerUnsigned.pkg InstallerSigned.pkg
productsign: signing product with identity "3rd Party Mac Developer Installer: My company (dasdfjkaj)" from keychain /Users/me/Library/Keychains/login.keychain
productsign: adding intermediate certificate "Apple Worldwide Developer Relations Certification Authority"
productsign: Wrote signed product archive to InstallerSigned.pkg
然后我运行了评估命令
spctl -a -v --type install InstallerSigned.pkg
InstallerSigned.pkg: accepted
我还检查了签名
pkgutil --check-signature InstallerSigned.pkg
Package "InstallerSigned.pkg":
Status: signed by a developer certificate issued by Apple
Certificate Chain:
1. 3rd Party Mac Developer Installer: My company (dasdfjkaj)
2. Apple Worldwide Developer Relations Certification Authority
3. Apple Root CA
当我从我的机器运行安装程序(将Gatekeeper设置为"Mac App store并确定开发人员")时,它运行正常.在我将其部署到我的网站后下载相同的pkg时,它也正确安装.
但是......当我在另一台机器上下载pkg时,它无法安装.它无法识别我的开发者ID.当我在失败的机器上运行spctl命令时,我得到了
spctl -a -v --type install InstallerSigned.pkg
InstallerSigned.pkg: rejected
有谁知道为什么它在我自己的机器上运行良好但在pkg在另一台机器上运行时失败?我真是出于想法:/
编辑:这是我得到的
spctl --list --type execute
3[Apple System] P0 allow execute
anchor apple
4[Mac App Store] P0 allow execute
anchor apple generic and certificate leaf[field.<I removed this>] exists
5[Developer ID] P0 allow execute
anchor apple generic and certificate 1[field.<I removed this>] exists and certificate leaf[field.<I removed this>] exists
7[GKE] P0 allow execute [(gke)]
cdhash H"<I removed this>"
10[GKE] P0 allow execute [(gke)]
cdhash H"<I removed this>"
14[GKE] P0 allow execute [(gke)]
cdhash H"<I removed this>"
15[GKE] P0 allow execute [(gke)]
cdhash H"<I removed this>"
18[GKE] P0 allow execute [(gke)]
这些是您需要一起使用以进行代码签名的证书:
开发者ID申请
如果没有提交到AppStore,您将使用" 开发人员ID安装程序 "证书.对于具体的代码签名部分,您需要使用" 开发者ID应用程序 "证书.
Apple Developer Codeigning工作流程指南
| 归档时间: |
|
| 查看次数: |
2883 次 |
| 最近记录: |