RFR: 8311877: [macos] Add CLI options to provide signing identity directly to codesign and productbuild
Michael Hall
mik3hall at gmail.com
Sat Oct 7 00:50:42 UTC 2023
> On Oct 6, 2023, at 6:31 PM, Alexander Matveev <almatvee at openjdk.org> wrote:
>
> CSR [JDK-8316631](https://bugs.openjdk.org/browse/JDK-8316631).
> We will not do any validations of certificates in this case like we do with --mac-signing-key-user-name or we will not check if produced application image or installer got signed correctly.
Again, a suggestion might be to do a codesign verify. For example…
codesign -v --verbose=4 outputdir/HalfPipe.app
man codesign
-v, --verify
Requests verification of code signatures. If other actions (sign, display, etc.) are also requested, -v is interpreted to mean --verbose.
Doing this might allow to fail if errors are indicated or at least provide information maybe on verbose runs if there seem to be problems.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/core-libs-dev/attachments/20231006/6a41cc85/attachment.htm>
More information about the core-libs-dev
mailing list