Sign application

 

Using a digital code signing certificate confirms the code’s origin and assures users that a malicious third party has not inserted malware. The signature is also analyzed from the operating system when a file is downloaded.

 

Starting from the latest Mavericks version (10.9.5) you need to sign the .APP file and in case you have an own installer package, the installer package too. To get a certificate, you have to register as an Apple Developer - https://developer.apple.com and request a certificate for: Developer ID Application

 

This applies only for download versions.

 

If you do not sign the files, the user would get the following message:

 

mac-install-unidentified-dev

 

The user would then have to change the security setting (allow apps downloaded from Anywhere), to allow to run your APP

 

mac-configure-download

 

 

Signing the files

The following steps require that you are familiar with the MAC code signing. For details check this article

 

You only have to sign your .APP file. The Licence Protector Framework is already signed.
Start the Terminal application
Codesign -f -s 'Developer ID Application: Your Company (YOUR ID)'   /projects/Font3forMAC.app

 

In this example the name of the protected application would be: Font3forMAC.

 

To test if the file signature is OK

 

codesign --verify --verbose  /projects/Font3forMAC.app

 

Now you can ZIP the file or create a download package, which you would have to sign with an installer certificate.

 

 

i_green_sm

If you use Dropbox to backup your files, symbolic links which are used by the Licence Protector framework, are converted into real folders. Although the framework would still work, the signature is broken. Zip the framework (and your app) or use iCloud instead.