• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Signing with packagemaker
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Signing with packagemaker

  • Subject: Re: Signing with packagemaker
  • From: Mitchell Laurren-Ring <email@hidden>
  • Date: Wed, 23 May 2012 15:13:24 -0700
Thanks everyone for your help. I discovered that the latest version of Xcode (3.2.6) includes productsign. I was able to get a properly signed pkg using productsign.

BTW, neither of my suggestions below worked. productsign has some dependency that prevented a straight copy from an Xcode 4.2 install.

/Mick




On May 22, 2012, at 8:34 AM, Mitchell Laurren-Ring wrote:

Can I use my Developer ID application certificate to sign use packagemaker?

Can I copy the productsign command line tool from a 4.2 install to my build machine? Or does it need supporting libraries?

/Mick




On May 22, 2012, at 12:19 AM, Rustam Muginov wrote:

Then, you can not sign using Developer ID Installer certificate.
I would suggest installing Xcode 4.2 into separate folder and use only "producsign" from it, 4.2 is the latest version which running under 10.6.8
--
Sincerely,
Rustam Muginov

On May 21, 2012, at 11:53 PM, Mitchell Laurren-Ring wrote:

We have to build on 10.6/Xcode 3.x and productsign isn't available. 

/Mick
Sent from my iPad

On May 21, 2012, at 21:48, Prema Kumar <email@hidden> wrote:

Hi,

We have phased the same issue when we used the “packagemaker” command to sign the installer. We used the following command to sign. This will solve the problem.

 

productsign --sign

 

regards

Prema

 

 

From: installer-dev-bounces+prema.kumar=email@hidden [mailto:installer-dev-bounces+prema.kumar=email@hidden] On Behalf Of Mitchell Laurren-Ring
Sent: Tuesday, May 22, 2012 7:01 AM
To: email@hidden
Subject: Signing with packagemaker

 

Can the packagemaker command line tool still be used for signing installer packages? 

 

I'm using --root to build my package and then using the --sign/--certificate options to sign it. The certificate I'm using is the "install" certificate I got from Apple.

 

The installer runs fine from my build machine, but after I download it from our website, Finder reports that it may be "damaged" and advises I unmount the disk image.

 

When I run pkgutil --check-signature:

 

Package "MyPkg.pkg":

   Status: signed by a certificate trusted by Mac OS X

   Certificate Chain:

    1. Developer ID Installer: Coupons.com Incorporated

    2. Developer ID Certification Authority

    3. Apple Root CA

 

Running spctl -a -v --type install on the package gives me:

 

 CSSMERR_TP_NOT_TRUSTED

 

 

Advice anyone?

 

/Mick

 

 

 


Confidentiality notice: This message may contain confidential information. It is intended only for the person to whom it is addressed. If you are not that person, you should not use this message. We request that you notify us by replying to this message, and then delete all copies including any contained in your reply. Thank you.
 Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: This email sent to email@hidden
References: 
 >Signing with packagemaker (From: Mitchell Laurren-Ring <email@hidden>)
 >RE: Signing with packagemaker (From: Prema Kumar <email@hidden>)
 >Re: Signing with packagemaker (From: Mitchell Laurren-Ring <email@hidden>)
 >Re: Signing with packagemaker (From: Rustam Muginov <email@hidden>)
 >Re: Signing with packagemaker (From: Mitchell Laurren-Ring <email@hidden>)

  • Prev by Date: Re: Firefox 12.0 packaging
  • Next by Date: Installation failing for subpackages when called from postinstall using installer command on 10.6
  • Previous by thread: Re: Signing with packagemaker
  • Next by thread: Re: Signing with packagemaker
  • Index(es):
    • Date
    • Thread