Requirements for Code-Signing Support for macOS or OS X–Based Installers
InstallAnywhere 2020 SP1
The following requirements must be met for code signing macOS or OS X–based installers:
|
•
|
The OS X–based installer must be built on a macOS or OS X–based system. |
|
•
|
All code signing must be done on systems that are running OS X 10.9 or later (including macOS), since these versions can create version 2 signatures. Version 1 signatures, which are created by earlier versions of OS X, are not recognized by Gatekeeper on systems with OS X 10.9 and later (including macOS) and are considered obsolete. Files that are signed with version 2 signatures will work on OS X 10.8 and later (including macOS). To learn more, see Technical Note TN2206: OS X Code Signing in Depth in the Mac Developer Library. |
|
•
|
A Developer ID Application certificate must be used to sign the files. The certificate should be added to the login keychain—not the system keychain—on the machine that is going to be used for code signing, and the same user account that was used to add the certificate to the login keychain should be used to sign files. |
|
•
|
If you plan on performing builds through the command-line console, ensure that the certificate has been granted access to be used by all applications. |
|
•
|
Ensure that the latest Xcode IDE and all of its default SDKs are installed on the machine that is going to be used for code signing. |
|
•
|
The build target for an installer that requires authentication must be macOS or OS X; generic UNIX–based build targets do not support authentication on macOS or OS X–based systems. |
|
•
|
Merge modules cannot use authentication independently. To deploy a merge module that requires authentication, you must authenticate the parent installer. |
See Also
Code Signing Your macOS or OS X–Based Installers and Including Authentication Support
Verifying that Your Code-Signing Output Files Are Working as Expected on macOS or OS X–Based Target Systems
Open topic with navigation