Rate this article: (14 votes, average: 3.64)
Whether you’re here because you’re looking for a “macOS codesign” solution or another variation of the statement, we’ve got you covered. If you’re thinking of signing your file or software using a certificate authority in macOS, you’re definitely thinking in the right direction.
A code signing certificate is a great way to protect software from being compromised and provides assurance to users that the software/app they’re about to install is from you and is genuine. Because it asserts your company’s name and signature, the code signing process establishes an element of trust in a user’s mind. And, as a result, enhances reputation of your company.
So you want to sign something with a code signing certificate in macOS? Let’s get started.
Note: Apple has made changes to the settings in GateKeeper. As a result, it changes the way OSX handles certificates from non-Apple certificate authorities and commands the system to disallow ALL certificates that are not issued by Apple. However, after many years, Apple’s operating systems have started recognizing other certificate authorities but there’s not been change in the default setting to allow certificates from other CAs to work at their full potential. Due to this, we cannot guarantee whether certificates from other CAs will be supported by OSX natively or not. Nonetheless, it works with Java on the OSX platform.
First, locate your certificate in the Mac Keychain Access Manager if you’ve used that to collect your certificate. If you didn’t use the Keychain Access Manager, implement the first five instructions outlined below. If you did, jump straight to the sixth point.
codesign -s "Company Name" " /Applications/Utilities/My App.app"
(For the file name, use the full path. If you don’t know your certificate’s common name, no worries — you can locate it in the keychain access manager.)
Hit Enter and confirm, if prompted. Yeah, it doesn’t get much easier than that.
But now that your code is signed, how do you check to ensure the codesign in macOS was successful?
Verifying the signature, especially when the application is coming from a third-party source, is quite important since it has higher probability of getting altered. Here’s a command through which we can verify the signature:
codesign -v "/Applications/Utilities/My App.app"
(Use full path for the file name.)
Didn’t get any response? If so, the app is signed and unaltered.
Another way you to verify the signature is through the “codesign” command. Here’s how it looks:
code sign -dv --verbose=4 /Applications/Utilities/My App.app
(For the file name, use the full path)
If you don’t receive any response, then your app is signed and you’re good to go!
Looking for a new code signing certificate? Look no further:
Want to sign your software to assure users and make installation easier? We sell all Comodo code signing certificates at up to 58% off.
View Code Signing Certificates