4

I'm distributing my macOS app outside the App Store and so far I've never code-signed it. My app targets advanced users who know how to configure macOS to allow the app to run.

With the arrival of the Apple M1 computers, however, things have changed as code-signing seems to be mandatory now for native Apple Silicon apps. That's why I'd like to ask: Is it sufficient to sign my app using a self-signed certificate when distributing it outside the App Store? Will it be possible for users who download an app that was signed using a self-signed certificate to run that app?

I'd expect that Gatekeeper will probably block such an app first because it was signed using a self-signed certificate but will users be able to override Gatekeeper's veto in the security settings (as it was previously the case with non-signed apps)?

Or do all apps built for Apple Silicon have to be signed with an official Apple certificate? I'd like to avoid that because last time I checked this was $99 per year.

Andreas
  • 9,245
  • 9
  • 49
  • 97

1 Answers1

2

You can codesign with ad-hoc feature. codesign -s - -f /path/to/filename. This doesn't need certificate.

isuruf
  • 2,323
  • 12
  • 14
  • AFAIU ad hoc signed code will only run on the machine it was signed on. This won't allow me to distribute my app to others. – Andreas Dec 28 '20 at 20:00
  • No, ad hoc signed code will run just fine. I've tried it and the executables work fine when moved to a different apple silicon machine. – isuruf Dec 28 '20 at 20:16
  • Have you signed the whole app bundle or just the main executable in `Name.app/Contents/MacOS`? – Andreas Dec 28 '20 at 20:37
  • I've only tried executables, not app bundles. – isuruf Dec 29 '20 at 22:24
  • @isuruf Using your suggestion for both the app bundle and the dmg saved my day. I can at least get my summer swim league app installed onto coaches' Macs without paying the $99/yr fee. I don't make any money off the app but it keeps 6 coaches very happy not to have to seed meets by hand. (They cannot afford any of the pro swim team software out there.) I'd give you the check mark, but I didn't ask the question. Sorry. – pfurbacher Jun 25 '23 at 23:44