Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

Mac Developer: Creating your own CA and Signing Certificates

Before DeveloperID was announced, I spent considerable time creating a 3-layer self-signed codesign certificate chain for my own applications. There are bugs (at least in Keychain Access for Snow Leopard) that make creating self-signed certificates painstakingly error-prone. Mostly due to the fact that the Certificate Assistant does not remember all settings when moving backward and forwards through the wizard.

In any event, it is possible to create your own root Certificate Authority (which you can publish on your web site, ala Apple's Root CA) and your own intermediate software-signing certificate and your own leaf certificates.

Someone conversant with OpenSSL can probably get it done faster and quicker than with Certificate Assistant.

My intent in creating a self-signed certificate chain was to verify that 3rd party codesigning certificates -- and binaries signed with 3rd party certificates -- would work with Tighten Pro. And they do. As long as the signing chain has 3 certificates.

Labels: , , ,

By : Tighten Creating your own CA and Signing Certificates


Post a Comment

[ Home ]




 Tighten App.app    
 Tighten Pro.app    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    

Copyright © 2005-2020
All Rights Reserved
Tighten Pro