Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: mtayyab
mtayyab Author
User level: Level 1
0 points

PackageMaker code-sign issue with chained certificates

I am using PackageMaker software that comes with MacOSX developer tools. I need to codesign the package so I provide a certificate purchased from third-party in PackageMaker but when users run my installer on their MacOSX, they get certificate invalid warning.


The problem is because my codesign certificate have "Intermediate Certificate" and it seems like PackageMaker software does not include the information about the Intermediate-Certificate in the package so users get warning. The same certificate works fine when I use it on Windows operating system.


I have used the codesigning certificate with PackageMaker before and it worked fine, however my previous certificate does not have "Intermediate-Certificate" and it was directly signed with a Trusted Root certificate.


Can anybody please suggest a workaround or guide me if I am doing something wrong ?


Thanks,

--Tayyab

PackageMaker-OTHER, Mac OS X (10.7.3)

Posted on May 16, 2012 8:01 AM

Reply
4 replies
User profile for user: mtayyab
mtayyab Author
User level: Level 1
0 points

May 23, 2012 3:56 AM in response to etresoft

Yes that is an alternate option but as I have purchased the CodeSigning ceritificate from a Trusted Certificate Provider and I am using same certificate for Windows version of my program so I prefer to use the same certiifcate for Mac OSX.


Thanks for referring Mountain Lion's Gatekeeper as I was not aware of this upcoming change. I assume that Gatekeeper will not automatically trust other certificates but still will show the Signing Information to user when user attempts to run my application.

Reply
User profile for user: etresoft
etresoft
User level: Level 8
46,324 points

May 23, 2012 5:38 AM in response to mtayyab

mtayyab wrote:


Thanks for referring Mountain Lion's Gatekeeper as I was not aware of this upcoming change. I assume that Gatekeeper will not automatically trust other certificates but still will show the Signing Information to user when user attempts to run my application.

The only comment I can make regarding that is that you should really, really find out. If you are shipping MacOS X software, you need to be in the developer program. Then you would have a real developer ID and you would also be able to test on Mountain Lion. Even better, just get rid of the package altogether and sell on the Mac App store.

Reply
User profile for user: Ashvin Savani
Ashvin Savani
User level: Level 1
0 points

May 31, 2012 8:44 AM in response to mtayyab

How did you manage to code sign the pkg file (i mean the package file)?

Can you please provide me the steps to code sign pkg file.


Basically I too used PackageMaker software that came with MacOSX developer tools. I already had Apple certificates for Mac AppStore. I want some preinstallation checks which can only be done thru package maker and after when my pkg file is ready want to code sign it with Apple Developer Installer Certificate.


If you know how to code sign .pkg file with any of the certificates then please let me know. It would be really helpful.


Thanks

Reply

PackageMaker code-sign issue with chained certificates

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up