Re: code signing strategies
Re: code signing strategies
- Subject: Re: code signing strategies
- From: Nico Schmidt <email@hidden>
- Date: Thu, 1 Apr 2010 08:25:39 +0200
Thanks, Graham.
That makes sense. And indeed, when i put my certificate into the system keychain and mark it as trusted it works.
Cheers,
Nico
On 31.03.2010, at 17:19, Graham Lee wrote:
> If your certificate is marked as trusted _in your login keychain_, then most of the OS doesn't believe that it's trusted. That's expected - the rest of the OS isn't you. If it's trusted by a Local or System-domain keychain, you do better.
>
> Cheers,
> Graham.
>
> On 31 Mar 2010, at 16:15, Nico Schmidt wrote:
>
>> FWIW,
>> I played around with task_for_pid and codesigning a bit and did not get it to work with my self-signed and trusted certificate.
>> codesign -vvv -R="anchor trusted" returns:
>> valid on disk
>> satisfies its Designated Requirement
>> explicit requirement satisfied
>>
>> If I used however an Apple-signed certificate I had lying around for iPhone development, task_for_pid worked.
>> Does that make sense to anyone?
>
> --
> Graham Lee
> http://blog.securemacprogramming.com/
> Pre-order now! - Professional Cocoa Application Security
> http://www.amazon.co.uk/gp/product/0470525959?ie=UTF8&tag=thaeofer-21&linkCode=as2&camp=1634&creative=6738&creativeASIN=0470525959
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden