productsign mac .pkg installer

 

I need to sign a MacOS installer with .pkg extension. I have a .pfx certificate and added it to Keychain. It contains both certificate and the private key.

But when I try to sign this .pkg using productsign utility, it shows an error as :

productsign --sign "commonName" unsigned.pkg signed.pkg

productsign: error: Could not find appropriate signing identity for “commonName”. An installer signing identity (not an application signing identity) is required for signing flat-style products.

These steps work for us:

  • Unlock the keychain: 

    security unlock-keychain -p {keychain_password} /Users/{your_user}/Library/Keychains/login.keychain-db

  • List the available signing identities:

    Note: Code signing identities cannot be used to sign a pkg in mac. You can find these by adding -p codesigning to the below command. 

    security find-identity -v

  • Sign an installer using productsign:

    Note: The identity can typically be the long hex code from the above command: 

    productsign --sign "{your_identity}" original.pkg signed.pkg

    • You have to find out what the name of your pfx is and replace the "commonName" with it.

    U should search for something like "Developer ID Application: ..." to sign the package.

    链接地址: http://www.djcxy.com/p/87264.html

    上一篇: Atlassian Bamboo命令任务没有正确运行

    下一篇: productsign mac .pkg安装程序