Signing mac apps for direct distribution so as to not anger gatekeeper

ArthurDentArthurDent USMember ✭✭

I have been trying to follow the procedures described on this page:

https://developer.xamarin.com/guides/mac/deployment,_testing,_and_metrics/publishing_to_the_app_store/

which has a misleading title, because as well as information on publishing to the app store in also has sections on signing apps for direct distribution.

However I can't get the procedure to work.

What would be really helpful would be a page that is just about signing apps for direct distribution instead of having it all smushed up together on one page, which is consequently very long and difficult to work with.

None of what I have done so far has succeeded in being able to get Xamarin Studio to make a .pkg file that will run on a test Mac device and not trigger the "not from app store or a known developer" message.

I'm wondering if I have misunderstood and Xamarin Studio is not actually able to do this?
Do I need to be using other tools, or is it possible to create a signed .pkg from Xamarin Studio that works with gatekeeper enabled?

Posts

  • ChrisHamonsChrisHamons USForum Administrator, Xamarin Team Xamurai

    Paging @KMullins for the comments on documentation ^.

    If you want to just have a signed packages, have you tried:

    Build -> Archive for Publishing
    Sign and Distribute
    Mac Installing Package

    That is the process I've seen others use successfully.

  • ArthurDentArthurDent USMember ✭✭

    Oh... golly... that sounds easy.

    To get the .pkg file, I have just been ticking the checkbox for "Create installer package" on the "Build" tab of the project options and then doing a rebuild.
    Sure enough the .pkg file gets created, but does not play nice with Gatekeeper...

    I'll try what you suggest. Thank you very much.

  • ChrisHamonsChrisHamons USForum Administrator, Xamarin Team Xamurai

    Let me know if this doesn't work. We have a few different paths, and not all of them do all things easily.

    And code signing in general is Hard (tm).

  • ArthurDentArthurDent USMember ✭✭

    My latest thought about this, is that it is all a function of my own stupidity... (although I'm not completely certain)

    I have an obfuscation process going on in the build and I notice that it is happening AFTER SIGNING !

    In our iOS build we are getting this to happen after building but before signing by using:

    BeforeTargets="_CompileToNative"

    But this is not working in the Mac build.

    Could you suggest how I can make a build step happen after building but before signing on Mac builds?

  • ChrisHamonsChrisHamons USForum Administrator, Xamarin Team Xamurai

    Yeah. Doing anything pretty much after signing will break you terribly.

    Hmm. If you are using Xamarin.Mac Unified, _CompileToNative is invoked to generate your bundle. There isn't any difference here that I know of.

    You could also do:

    • obfuscation
    • resign

    but that is less than optimal.

Sign In or Register to comment.