(11 votes, average: 4.64 out of 5)
To sign software, Apple provides an efficient and effortless mechanism to its users. You only need a device running macOS and it will sign the code in minimal time. Moreover, Apple provides a built-in mechanism, known as codesign utility similar to signtool in Windows, which you have to utilize for the signing procedure.
But, make sure to only purchase an authentic Apple Code Signing Certificate, to prevent compatibility and other issues. So, avail yourself of your Code Signing Certificate and start with the signing process.
Before you utilize the codesign utility on macOS, the certificate must be installed on your machine. And the latest version of the terminal must be present.
Therefore, you must check the below points every time before starting signing applications for Apple devices.
Double-click on the Code Signing Certificate in the browser. The system will ask you to input the password. And once it gets verified, the machine will install the certificate.
Verify the installation by going to Keychain Access Manager and viewing your certificate under the My Certificates option.
After installing the certificate and updating the system, execute the below steps to codesign software:
Step 1: Open the Terminal.
Step 2: Run the following command.
codesign -s "Common Name" /path/to/YourAppleAppName.app
After executing the command, the system will digitally sign your application. Just replace the Common Name and /path/to/YourAppleAppName.app in command with your information and you are ready to go.
However, sometimes the system can show you an error “CSSMERR_TP_NOT_TRUSTED” due to the non-presence of an intermediate certificate. But, you can easily resolve it through the following method:
Step 1: View the details of your Code Signing Certificate and note down the Common Name of the issuer.
Step 2: Download the intermediate certificate and install it on the same machine.
Step 3: Again, execute the codesign utility command, and this time it will get executed seamlessly.
Whenever you digitally sign any file on a macOS device, always verify it by running the following command:
codesign -v /path/to/YourAppleAppName.app
If it doesn’t show any error, it means that your application is signed and aligned with security standards.
Whenever you have to sign an application on macOS, always use the codesign utility. And before using it, update the terminal and the operating system version to prevent errors.
In addition, install the Code Signing Certificate in the Keychain Access Manager to effortlessly fetch it during the signing procedure.