[Somewhat OT] Mac Code Signing - can anyone explain?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[Somewhat OT] Mac Code Signing - can anyone explain?

Graham Samuel via use-livecode
I wrote an earlier mail on this subject. Good thing nobody replied, since I more or less worked it out myself. I have now generated a couple of certificates (app and installer), so I should be able to do the code signing. However, in my Keychain Access under “My Certificates” I have a lot of folders all with the same name - com.apple.kerberos.kdc - each containing a file (key) with the same name again! How am I supposed to distinguish one from another, or don’t I have to? The Apple Developer Portal warns me to keep copies of my certificates and public and private keys, but I don’t see how to find out which ones I generated just now and which ones are just old.

It would be great to hear from someone who knows.

Graham
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

AW: [Somewhat OT] Mac Code Signing - can anyone explain?

Graham Samuel via use-livecode
Sorry my reply was for your first post. For your second post, I am always unsure myself, cause this is a job you only do once a couple of years.
I *think*, you could delete all the messed up certificates and download the one you need once. But this is not a recepie!, just my unproven thoughts. Probably somebody else can confirm or warn of this procedure.
Tiemo


-----Ursprüngliche Nachricht-----
Von: use-livecode [mailto:[hidden email]] Im Auftrag von Graham Samuel via use-livecode
Gesendet: Montag, 15. Januar 2018 11:01
An: How to use LiveCode <[hidden email]>
Cc: Graham Samuel <[hidden email]>
Betreff: [Somewhat OT] Mac Code Signing - can anyone explain?

I wrote an earlier mail on this subject. Good thing nobody replied, since I more or less worked it out myself. I have now generated a couple of certificates (app and installer), so I should be able to do the code signing. However, in my Keychain Access under “My Certificates” I have a lot of folders all with the same name - com.apple.kerberos.kdc - each containing a file (key) with the same name again! How am I supposed to distinguish one from another, or don’t I have to? The Apple Developer Portal warns me to keep copies of my certificates and public and private keys, but I don’t see how to find out which ones I generated just now and which ones are just old.

It would be great to hear from someone who knows.

Graham
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: [Somewhat OT] Mac Code Signing - can anyone explain?

Graham Samuel via use-livecode
In reply to this post by Graham Samuel via use-livecode
Hi Graham,

The keys have a date time stamp in them that is encrypted. That is how it knows which one to use. DO NOT delete your old keys. It uses them in case you have to rebuild an old application that has already been signed.

I have never done this for iOS, so don’t have any knowledge of How iOS works though I can point you to the documents that Apple provides. Xcode takes care of MacOS.

Code signing

https://developer.apple.com/support/developer-id/

https://developer.apple.com/library/content/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html

https://developer.apple.com/library/content/technotes/tn2206/_index.html#//apple_ref/doc/uid/DTS40007919


Best Regards,
Ron

> On Jan 15, 2018, at 2:00 AM, Graham Samuel via use-livecode <[hidden email]> wrote:
>
> I wrote an earlier mail on this subject. Good thing nobody replied, since I more or less worked it out myself. I have now generated a couple of certificates (app and installer), so I should be able to do the code signing. However, in my Keychain Access under “My Certificates” I have a lot of folders all with the same name - com.apple.kerberos.kdc - each containing a file (key) with the same name again! How am I supposed to distinguish one from another, or don’t I have to? The Apple Developer Portal warns me to keep copies of my certificates and public and private keys, but I don’t see how to find out which ones I generated just now and which ones are just old.
>
> It would be great to hear from someone who knows.
>
> Graham
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode