Skip navigation

PackageMaker code-sign issue with chained certificates

1567 Views 4 Replies Latest reply: May 31, 2012 8:44 AM by Ashvin Savani RSS
mtayyab Calculating status...
Currently Being Moderated
May 16, 2012 8:01 AM

I am using PackageMaker software that comes with MacOSX developer tools. I need to codesign the package so I provide a certificate purchased from third-party in PackageMaker but when users run my installer on their MacOSX, they get certificate invalid warning.

 

The problem is because my codesign certificate have "Intermediate Certificate" and it seems like PackageMaker software does not include the information about the Intermediate-Certificate in the package so users get warning. The same certificate works fine when I use it on Windows operating system.

 

I have used the codesigning certificate with PackageMaker before and it worked fine, however my previous certificate does not have "Intermediate-Certificate" and it was directly signed with a Trusted Root certificate.

 

Can anybody please suggest a workaround or guide me if I am doing something wrong ?

 

Thanks,

--Tayyab

PackageMaker, Mac OS X (10.7.3)
  • etresoft Level 7 Level 7 (23,895 points)

    I think you should use a Developer ID certificate from Apple. I have no idea if a third party certificate will work with Mountain Lion's gatekeeper.

  • etresoft Level 7 Level 7 (23,895 points)

    mtayyab wrote:

     

    Thanks for referring Mountain Lion's Gatekeeper as I was not aware of this upcoming change. I assume that Gatekeeper will not automatically trust other certificates but still will show the Signing Information to user when user attempts to run my application.

    The only comment I can make regarding that is that you should really, really find out. If you are shipping MacOS X software, you need to be in the developer program. Then you would have a real developer ID and you would also be able to test on Mountain Lion. Even better, just get rid of the package altogether and sell on the Mac App store.

  • Ashvin Savani Calculating status...

    How did you manage to code sign the pkg file (i mean the package file)?

    Can you please provide me the steps to code sign pkg file.

     

    Basically I too used PackageMaker software that came with MacOSX developer tools. I already had Apple certificates for Mac AppStore. I want some  preinstallation checks which can only be done thru package maker and after when my pkg file is ready want to code sign it with Apple Developer Installer Certificate.

     

    If you know how to code sign .pkg file with any of the certificates then please let me know. It would be really helpful.

     

    Thanks

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.