Signing Apps for Gatekeeper without Xcode

Some of the completed games for Retro Game Crunch will be Flash projectors. Unfortunately users running a projector in Mountain Lion receive a nasty error.

Damaged? Move to Trash? This is not good. To solve this the app must be signed by a known Developer ID.

Successful Software has an in-depth post, but I’ll summarize my process. To properly test the signing you must be running OS X 10.7.5 or later.

1. Sign up for the Mac Developer Program. $99 a year. Ouch.

2. Request a Signing Certificate.

3. Create a projector with the standalone Flash Player. File menu -> Create Projector

4. Open Terminal.

5. Navigate to the directory containing your flash projector.

6. Use codesign. Here’s how:

codesign -f -v -s "<Developer ID Common Name>" <yourApp>.app

Your Developer ID Common Name can be found within Keychain Access. Open Keychain Access and look for a certificate starting with “Developer ID Application”. Double-click the certificate to get more info. The common name is listed under the details section.

Here is exactly what I used for Super Clew Land:

codesign -f -v -s "Developer ID Application: Rusty Moyher" SuperClewLand.app

If everything is correct, codesign will ask for access to your keychain. Allow it.

Testing

To test the signing you must first “quarantine” the app.

1. Set allowed applications to “Mac App Store and identified developers” in the “Security and Privacy” preference pane. (This is the default option in Mountain Lion.)

2. Upload the app to an online server. I used Transmit to upload via FTP to rustymoyher.com.

3. Download the app in a web browser.

The first time you open the projector a dialogue box like this should appear:

If you see the open button, it worked!