Apple Distribution certificate support

[mahnunchik]

Hi,

It seems Apple Distribution certificates not supported.

https://help.apple.com/xcode/mac/current/#/dev3a05256b8 Apple Distribution Sign your apps for submission to the App Store or for Ad Hoc distribution. For use with Xcode 11 or later.

[sethlu]

Hi @mahnunchik! As far as I know the Apple Distribution certificates are designed to be used with Xcode only... like it's not for manual codesiging?

[mahnunchik]

Hi @sethlu

I've checked the Apple Distribution / Development certificates are supported. But there are lack of documentation on Apple and this module side.

[sethlu]

Oh I see 👌 The new certificates seem to be taking over the existing certificates. How does it sound if we have electron-osx-sign do the following?

• For development: Try Apple Development, then Mac Developer
• For distribution: Try Apple Distribution, then 3rd Party Mac Developer Application or Developer ID Application depending on the Electron build?

For now, a workaround would be to provide an --identity="Apple Distribution" option to override the default electron-osx-sign behavior.

---

Currently electron-osx-sign chooses Developer ID Application for signing development builds... Here's a PR that suggests defaulting all development builds to be signed with Mac Developer identity: https://github.com/electron/electron-osx-sign/pull/183

[sethlu]

Sorry about the delay, I took a closer look at the documentation again and it seems that the Apple Development and Apple Distribution certs only apply to apps submitted to the (Mac) App Store.

Apple Development For iOS, tvOS, or watchOS apps, run the app on devices and use app services during development. For macOS apps, use app services during development and testing. Note: Available in Xcode 11.0 and later. For earlier Xcode versions, use an iOS Development or Mac Development certificate.

Apple Distribution For iOS, tvOS, or watchOS apps, run the app on designated devices for testing or submit it to the App Store. For macOS apps, sign an app before distributing it through the Mac App Store. Note: Available in Xcode 11.0 and later. For earlier Xcode versions, use an iOS Distribution or Mac App Distribution certificate.

Ref: https://help.apple.com/xcode/mac/current/#/dev3a05256b8

---

Here's an updated version...

• Targeting inside the Mac App Store
  • For development: Try Apple Development, then Mac Developer
  • For distribution: Try Apple Distribution, then 3rd Party Mac Developer Application
• Targeting outside the Mac App Store
  • Always try Developer ID Application for development/distribution

A PR will be up in a few minutes with this implementation.

[mahnunchik]

Any news?