How can you create your own personal certificate suitable for signing your apps? Uses Certificate Assistant, and free of cost.
certificates
Should you use ad hoc signing, or make your own personal certificate? Why would you want to sign a script or app you have made?
The differences between a full Gatekeeper check, an AMFI check for integrity, and a normal app open, and why signature errors can be tolerated.
Whenever an app is opened in 10.14.2, its signature is checked asynchronously, often several times. But in many cases, macOS doesn’t act on any errors returned.
Another worthless piece of “security theatre” about bundle signatures. I wouldn’t bother reading it, or downloading the new version of Signet.
Is checking bundle signatures a waste of time once they have passed their ‘first run’ check? Does macOS ever do that?
Has your Mac got any old apps and other bundles on it? Have their signing certificates been revoked, or are they perhaps unsigned? Here’s a new app to help you find out.
Authentication dialogs to permit access to your keychain are supplied by the macOS security system, and follow a strict pattern.
The workhorses of computer security, message digests and security certificates, are in the process of changing. Some disruption will result.
Another ‘scripting’ exercise in Swift starts with time wasted sorting out signing. But it does get better after that.
The Eclectic Light Company 