productsign mac .pkg installer

Question

productsign mac .pkg installer

6.1k views Asked by Apoorva Manjunath At 03 September 2015 at 12:23

I need to sign a MacOS installer with .pkg extension. I have a .pfx certificate and added it to Keychain. It contains both certificate and the private key.

But when I try to sign this .pkg using productsign utility, it shows an error as :

productsign --sign "commonName" unsigned.pkg signed.pkg

productsign: error: Could not find appropriate signing identity for “commonName”. An installer signing identity (not an application signing identity) is required for signing flat-style products.

Original Q&A

There are 2 answers

**cdoughty** · Answer 1 · 2017-09-20 15:59:29

These steps work for us:

Unlock the keychain:

security unlock-keychain -p {keychain_password} /Users/{your_user}/Library/Keychains/login.keychain-db

List the available signing identities:

Note: Code signing identities cannot be used to sign a pkg in mac. You can find these by adding -p codesigning to the below command.
```
security find-identity -v
```
Sign an installer using productsign:

Note: The identity can typically be the long hex code from the above command:
```
productsign --sign "{your_identity}" original.pkg signed.pkg
```

**Silve2611** · Answer 2 · 2015-09-14 19:26:04

Silve2611 On 14 September 2015 at 19:26

You have to find out what the name of your pfx is and replace the "commonName" with it.

U should search for something like "Developer ID Application: ..." to sign the package.

TechQA.

productsign mac .pkg installer

There are 2 answers

Related Questions in MACOS

Related Questions in SIGN

Related Questions in PKG-FILE

Related Questions in PRODUCTSIGN

Popular Questions

Popular Tags

Trending Questions