我有一个Mac应用程序,我使用终端的'productsign'命令签名
productsign --sign "3rd Party Mac Developer Installer: My company (dasdfjkaj)" InstallerUnsigned.pkg InstallerSigned.pkg productsign: signing product with identity "3rd Party Mac Developer Installer: My company (dasdfjkaj)" from keychain /Users/me/Library/Keychains/login.keychain productsign: adding intermediate certificate "Apple Worldwide Developer Relations Certification Authority" productsign: Wrote signed product archive to InstallerSigned.pkg
然后我运行了评估命令
spctl -a -v --type install InstallerSigned.pkg InstallerSigned.pkg: accepted
我还检查了签名
pkgutil --check-signature InstallerSigned.pkg Package "InstallerSigned.pkg": Status: signed by a developer certificate issued by Apple Certificate Chain: 1. 3rd Party Mac Developer Installer: My company (dasdfjkaj) 2. Apple Worldwide Developer Relations Certification Authority 3. Apple Root CA
当我从我的机器运行安装程序(将Gatekeeper设置为"Mac App store并确定开发人员")时,它运行正常.在我将其部署到我的网站后下载相同的pkg时,它也正确安装.
但是......当我在另一台机器上下载pkg时,它无法安装.它无法识别我的开发者ID.当我在失败的机器上运行spctl命令时,我得到了
spctl -a -v --type install InstallerSigned.pkg InstallerSigned.pkg: rejected
有谁知道为什么它在我自己的机器上运行良好但在pkg在另一台机器上运行时失败?我真是出于想法:/
编辑:这是我得到的
spctl --list --type execute 3[Apple System] P0 allow execute anchor apple 4[Mac App Store] P0 allow execute anchor apple generic and certificate leaf[field.] exists 5[Developer ID] P0 allow execute anchor apple generic and certificate 1[field.] exists and certificate leaf[field.] exists 7[GKE] P0 allow execute [(gke)] cdhash H"" 10[GKE] P0 allow execute [(gke)] cdhash H"" 14[GKE] P0 allow execute [(gke)] cdhash H"" 15[GKE] P0 allow execute [(gke)] cdhash H"" 18[GKE] P0 allow execute [(gke)]
l'L'l.. 5
这些是您需要一起使用以进行代码签名的证书:
开发者ID安装程序
开发者ID申请
第三方Mac Developer Installer(通常仅用于AppStore应用程序).
如果没有提交到AppStore,您将使用" 开发人员ID安装程序 "证书.对于具体的代码签名部分,您需要使用" 开发者ID应用程序 "证书.
Apple Developer Codeigning工作流程指南
这些是您需要一起使用以进行代码签名的证书:
开发者ID安装程序
开发者ID申请
第三方Mac Developer Installer(通常仅用于AppStore应用程序).
如果没有提交到AppStore,您将使用" 开发人员ID安装程序 "证书.对于具体的代码签名部分,您需要使用" 开发者ID应用程序 "证书.
Apple Developer Codeigning工作流程指南