OSX 10.12.3,我有一个使用 EV 代码签名的代码包。
$ codesign --force --sign "3rd Party Mac Developer Application: myname (code...)" mypackage.pkg
但是当任何人下载并尝试在 OSX 中安装它时,他们都会得到以下信息:
在英文中,它的同一个对话框:“App can't be opening because it is from an unidentified developer”
当我检查代码符号时,我可以看到它的工作:
$ pkgutil --check-signature mypackage.pkg
Package "mypackage.pkg":
Status: no signature
$ codesign -dv --verbose=4 mypackage.pkg
Executable=/Users/xxx/xxxxxx
Identifier=xxxx
Format=generic
CodeDirectory v=20200 size=177 flags=0x0(none) hashes=1+2 location=embedded
Hash type=sha256 size=32
CandidateCDHash sha1=xx
CandidateCDHash sha256=xx
Hash choices=sha1,sha256
CDHash=xxxxx
Signature size=4715
Authority=3rd Party Mac Developer Application: xxxxx
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
Signed Time=1xxx
Info.plist=not bound
TeamIdentifier=xxxxx
Sealed Resources=none
Internal requirements count=1 size=196
我如何确保其正确完成?这样它就不会吓到 OSX 用户,我在这里缺少什么?