We have a certificate used for signing our client code for macOS. It will expire next spring and needs to be renewed. The deadline is 2025-02-05.
The certificate was generated, downloaded and copied to the apple-signing machine we have. What remains is for the p12 file to be installed on the apple-signing machine, and for the changes to be committed: pki/codesign_apple.p12 | Bin 3045 -> 3296 bytes pki/codesign_apple_cert.der | Bin 1442 -> 1442 bytes pki/codesign_apple_csr.pem | 24 +++++++++---------- pki/codesign_apple_key.pem | 56 ++++++++++++++++++++++---------------------- 4 files changed, 40 insertions(+), 40 deletions(-) This will be done after the 4.18.0 release.
Following the instructions in ctc/pki/README, I got a codesign_apple.p12 which couldn't be used on our sign-server. It complained that the password for the certificate key was wrong, despite me double-checking that it was correct. I am not sure why, but an upgrade from macOS 14 to macOS 15 resolved that issue.
The new certificate seems to work fine. I used ctc/buildtools/bin/download-sign-bundles to sign & notarize the macOS client, that process worked fine. I then downloaded it from my workstation on our M1 mac in the lab to test. It installed and started just fine. The instructions in our README needs some updating.
README has now been updated. I also tested mouse, keyboard input, local drives, sound & mic with the newly signed Mac client. Works fine.
