toggle quoted messageShow quoted text
Sorry didn’t explain properly Alex. It is a macOS app.
The license issue is about whether, for now, I can sign the application with the license file in /Contents in the bundle.
Or, as each license is different, I need to place it outside the bundle.
I couldn’t determine, from the docs to hand, whether putting the license in the bundle would be a problem in the context of signing.
I’ll share what unfolds !
Book suggestion looks good - have got a copy on the way !
Have been looking at the keychain as a home for the license file as part of the reorg for signing.
I’m not sure I understand. Your license for a purchaser and the code signing should be two different things. If you grant a license to a purchaser, then simply storing the license value in the keychain should be all you need for that, but you still will need to sort out code signing separately.
You also mentioned notarizing. The book existed before that process, but the concepts in chapter 4 are foundational to wrap your head around code signing.
It just occurred to me that since you’re notarizing your app you need to code sign a Mac app. not an iOS one. It’s still really important to understand the guts behind code signing and the book will help.
Here is a brief on Mac app notarizing that may help.
Note the details about Hardened Runtime. Is that enabled in your app?
Good luck. Please share what you find.
FYI, you should be storing the license in a more secure location such as the keychain.
Chapter 4 of Essential Build and Release by Ron Roche is what got me what I needed to learn.
I finally need to sign an app that has been running for some time. I’m looking at what docs I can find and two questions emerge.
1. Could anybody point me at the best instructions for code signing / notarisation - I have never done it before.
I’ve looked at the docs in Xcode and they seem to raise more questions than they solve.
2. I currently squirrel away the license file for each install in the Contents folder of the bundle.
The license file is a simple text file and is different for each install.
I wondered if this is going to cause problems in the context of code signing ?