In order to sign a package in a munkipkg project you will need:
- membership of the paid Apple Developer Program
- Xcode installed
- munkipkg installed, and a working knowledge of the tool
Once all 3 criteria are met you are ready to begin signing your munkipkg projects.
Generate a Distribution Certificate
Open Xcode and sign into your Apple Developer Program registered Apple ID under the Accounts tab. Once you are signed select Manage Certificates in the bottom right of the Apple ID window. In the popup window click the + button in the bottom left corner and select Developer ID Installer. The requested certificate will now display in the current window and a signing certificate will be added to your local keychain.
Apply a Distribution Certificate to a munkipkg project
Now that you have a valid signing certificate, open a current munkipkg project and a
signing-info dictionary to the
build-info.plist. In the
signing-info dictionary add a key titled
identity with a string value containing the Common Name of your registered developer organization. Then add another key to the
signing-info dictionary titled
timestamp with the boolean value true.
Your singing_info dictionary should look like this:
<key>signing_info</key> <dict> <key>identity</key> <string>Pretend Co.</string> <key>timestamp</key> <true/> </dict>
Save your amendments to the
Build a signed munkipkg project
Back out to the parent directory of your project and run munkipkg. After execution you should have a shiny, new signed package installer waiting for you in the build directory.