top | item 40047653

(no title)

bebop | 1 year ago

Basically. The first part is creating a certificate request for a developer certificate, then apple creates a signing certificate for you. Then each executable part of your distribution needs to be signed with that signing certificate.

The second part is the notarization. This is where you upload a .zip, .pkg, or .dmg to apple and they build a hash of your distribution and serve that to folks through gatekeeper. You can also staple the notarization to the package and then you don’t need to talk to the apple servers.

This way apple can revoke your notarization and users will get warnings about your software being maleware.

discuss

No comments yet.