我们正在构建Mac OSX安装程序(安装程序类型为' Mac OSX Folder')并使用开发者ID证书对其进行签名。在“常规设置”中提供了证书路径 - >代码签名'并在.m2 / settings.xml字段中添加证书的密码和密码。构建成功没有任何错误。
在使用' codesign'验证OSX 10.12中的构建时以下命令是输出。
$ codesign -dvvv ~/Downloads/xxxxx_OSX-X64_1_3_4.dmg
Executable=/Users/admin/Downloads/xxxxx_OSX-X64_1_3_4.dmg
Identifier=xxxxx_OSX-X64_1_3_4
Format=disk image
CodeDirectory v=20100 size=169 flags=0x0(none) hashes=1+2 location=embedded
Hash type=sha256 size=32
CandidateCDHash sha256=6e0ce9b3323f355070abf166b0d1da2dabddc2f4
Hash choices=sha256
CDHash=6e0ce9b3323f355070abf166b0d1da2dabddc2f4
Signature size=7237
Authority=Cygilant
Authority=thawte SHA256 Code Signing CA
Authority=thawte Primary Root CA
Timestamp=Dec 3, 2017, 10:03:19 PM
Info.plist=not bound
TeamIdentifier=not set
Sealed Resources=none
Internal requirements count=1 size=36
尝试打开dmg文件时,显示错误,因为可执行文件无法从未经授权的开发人员处打开。应用程序未使用证书正确签名吗?我们错过了什么吗?
--- ----更新
当我在安装的路径上验证应用程序安装程序(.app文件夹)时,这是输出。
$ codesign --verify -dvvv /Volumes/xxxxxx/xxxxx\ Installer.app
Executable=/Volumes/xxxxxx/xxxxxx Installer.app/Contents/MacOS/JavaApplicationStub
Identifier=com.install4j.xxxxxxx.2509
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20100 size=1203 flags=0x0(none) hashes=32+3 location=embedded
Hash type=sha256 size=32
CandidateCDHash sha256=490399e96743dcca06dae7622afdb60e1adeab42
Hash choices=sha256
CDHash=490399e96743dcca06dae7622afdb60e1adeab42
Signature size=7237
Authority=Cygilant
Authority=thawte SHA256 Code Signing CA
Authority=thawte Primary Root CA
Timestamp=Dec 3, 2017, 10:03:03 PM
Info.plist entries=26
TeamIdentifier=not set
Sealed Resources version=2 rules=12 files=23
Internal requirements count=1 size=36
这是否意味着安装程序已正确签名?