Add macOS code sign/notarization setup doc

This commit is contained in:
Tim Angus 2025-09-25 12:06:54 +01:00
parent 2b2cb45b1e
commit 77b868e7e7


@ -0,0 +1,46 @@
Code Signing
1. Open Keychain Access
2. Goto Keychain Access -> Certificate Assistant -> Request a Certificate From
a Certificate Authority...
3. Enter Apple Developer Account email address for User Email Address
4. Select Request is: Saved to disk
5. Click Continue and save the CSR to disk
6. Sign in to account at https://developer.apple.com/account
7. Click Certificates, then the plus icon to add a certificate
8. Select "Developer ID Application" and click Continue
9. Upload the previously created CSR, then download the signed certificate
10. Locate it in Finder and double click, importing it into the 'login'
keychain
11. In Keychain Access, click the login keychain, then My Certificates
12. Find the imported "Developer ID Application" certificate, then right click
and select Export
13. Select to save as .p12, and set a secure password
14. Open a command line, and run base64 -i <certificate.p12> on the exported
certificate
15. Copy the output to the clipboard
16. On the GitHub repo, go to Settings -> Secrets and variables -> Actions
17. Click New repository secret and enter APPLE_CERTIFICATE_P12_BASE64 for the
Name
18. Paste the contents of the clipboard for the Secret
19. Set a secret, APPLE_CERTIFICATE_PASSWORD for the password created above
20. Set a secret, APPLE_CERTIFICATE_ID that matches the certificate name; under
normal circumstances "Developer ID Application" should be sufficient
Notarization
1. Sign in to https://account.apple.com/sign-in
2. Create an App-Specific Password named "Notarization"
3. Set a secret, APPLE_NOTARIZATION_USERNAME to your Apple ID
4. Set a secret, APPLE_NOTARIZATION_PASSWORD to the newly created password
3. Set a secret, APPLE_TEAM_ID to your Apple Developer Account Team ID, which
can be found in the Membership Details section at
https://developer.apple.com/account
Note: GitHub secrets cannot be retrieved in plain text, even by the repository
owner, so securely store any values you may want to re-enter later
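Review bot: Steps 13 to 15 of Code Signing leave the private key exposed in two places that the doc never cleans up: the exported .p12 stays on disk, and `base64 -i <certificate.p12>` prints the encoded key into the terminal scrollback before it is copied by hand. Consider changing step 14 to `base64 -i <certificate.p12> | pbcopy` so the output goes straight to the clipboard, dropping step 15, and adding a step after 19 to delete the exported .p12 (or move it to the secure storage the closing Note refers to) and clear the clipboard once the secrets are saved. Separately, the last Notarization step (APPLE_TEAM_ID) is numbered 3 a second time and should be 5. In step 20, "Developer ID Application" alone will match more than one identity if the keychain ever holds several such certificates, so it may be worth saying that the full certificate name, including the team name, is the safer value.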