apple-codesign 0.11.0

Pure Rust interface to code signing on Apple platforms
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

.. _apple_codesign_getting_started:

===============
Getting Started
===============

Installing
==========

To install the latest release version of the ``rcodesign`` executable using Cargo
(Rust's package manager):

.. code-block:: bash

    cargo install apple-codesign

To enable smart card integration:

.. code-block:: bash

    cargo install --features smartcard apple-codesign

To compile and run from a Git checkout of its canonical repository (developer mode):

.. code-block:: bash

    cargo run --bin rcodesign -- --help

To install from a Git checkout of its canonical repository:

.. code-block:: bash

    cargo install --bin rcodesign

To install from the latest commit in the canonical Git repository:

.. code-block:: bash

    cargo install --git https://github.com/indygreg/PyOxidizer --branch main rcodesign

Obtaining a Code Signing Certificate
====================================

Follow the instructions at :ref:`apple_codesign_certificate_management` to obtain
a code signing certificate.

.. _apple_codesign_transporter:

Installing Apple Transporter for Notarization
=============================================

Notarization requires using Apple Transporter for uploading artifacts to
Apple for notarization. This (Java) tool is distributed for macOS, Windows,
and Linux.

You can install it by following
`Apple's instructions <https://help.apple.com/itc/transporteruserguide/#/apdAbeb95d60>`_.

If you do not want to perform notarization, you do not need to install
Apple Transporter.

.. _apple_codesign_apple_connect_api_key:

Obtaining an Apple Connect API Key
==================================

To notarize and staple, you'll need an Apple Connect API Key to
authenticate connections to Apple's servers.

You can generate one at https://appstoreconnect.apple.com/access/api.

This requires an Apple Developer account, which requires paying money. You may
need to click around in the App Store Connect website to enable the API keys
feature.

Apple Transporter looks in various locations for the API Key. Run ``iTMSTransporter
-help upload`` and read the docs for the ``-apiKey`` argument.

We recommend putting the keys in ``~/.appstoreconnect/private_keys/`` because that
is a descriptive directory name.