Yesterday, I explained how you can ensure that macOS 10.15 Catalina will open an app which doesn’t meet […]
spctl
Now can check apps (bundles with the extension .app) to determine whether they’re notarized, from Apple, App Store, etc.
It took 5 apps, 4 command tools in 6 commands, 2 developer certificates and an app-specific password for 260 lines of code.
Notarization is already required for some kernel extensions and apps, even in 10.14.5. So how do you tell whether an app or code bundle is notarized?
Testing at the command line, with What’s Your Sign?, and according to the requirements of the signature.
How to perform ad hoc signing, signing with a personal certificate, and set signing up in Xcode.
How can you create your own personal certificate suitable for signing your apps? Uses Certificate Assistant, and free of cost.
Should you use ad hoc signing, or make your own personal certificate? Why would you want to sign a script or app you have made?
Over the last year, I have come across many Macs which have been left with serious vulnerabilities. Here are four common ones, and how to put them right.
How my apps were correctly signed, but using the wrong certificate. They passed all tests here, but would not come out of quarantine normally on other systems.
