Skip to content

Commit d874fc2

Browse files
chenneschennes
authored
Create codesigning
1 parent 41842d6 commit d874fc2

File tree

1 file changed

+38
-0
lines changed

1 file changed

+38
-0
lines changed

technical/codesigning

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
---
2+
layout: default
3+
---
4+
5+
# Signing the FreeCAD executables and installers
6+
7+
## Mac OS
8+
9+
### Prerequisites
10+
11+
You must be a member of Apple's Developer program to generate and use signing keys. Information can be found at https://developer.apple.com
12+
13+
To sign an app you must have a "Developer ID Application" certificate. These can be created on the
14+
Certificates, Identifiers & Profiles page of your Apple Developer account. Once it is created, download the certificate onto your computer
15+
and install it into one of your Keychains (double-click on the certificate to open and install it).
16+
17+
The easiest way to upload an app for notarization is to create an App Store Connect API Key at https://appstoreconnect.apple.com . This is
18+
a file that resides on your computer and can be referenced by the notarization upload tool.
19+
20+
Note that the Intel bundles must be signed on an Intel machine, and the ARM bundles must be signed on an ARM machine.
21+
22+
### Signing process
23+
24+
Once the prerequisites above are met, actually signing the FreeCAD.app bundle is straightforward:
25+
1. Create a folder that represents the final disk image. In general it should have the FreeCAD.app bundle in it, and an alias to /Applications.
26+
2. Copy the file *src/Tools/macos_sign_and_notarize.sh* to the location that contains that folder (not to within the folder itself).
27+
3. Edit the script to set the name of the folder as well as the release number information and architecture of your machine.
28+
4. Set an environment variable called `FREECAD_SIGNING_KEY_ID` to the ID of your "Developer ID Application" certificate. You can find the
29+
ID by running `security find-identity -p basic -v`.
30+
5. Run the script. This will take several minutes, as it scans the bundle for all shared library and executable objects and signs them with
31+
the specified certificate. It will automatically createa DMG, submit it for notarization, and staple the final authorization from Apple to
32+
the disk image.
33+
34+
Once complete, the disk image is ready for distribution.
35+
36+
## Windows
37+
38+
TBD

0 commit comments

Comments
 (0)