Code signing for macOS
An app must be signed to pass the macOS Gatekeeper and to submit an app to the App Store. Sign a build by uploading your provisioning profile (.provisionprofile) and certificate (.p12) when configuring the build. On macOS, provisioning profiles are optional depending on whether your project is using sandboxing or not. Once you've saved a provisioning profile and the matching certificate to a build configuration of a branch, App Center will sign your app with the provided assets regardless of the settings of your project. When you provide a certificate only, it must match the project settings, otherwise it will fail.
Learn more about where to find the provisioning profiles and certificates that are required for signing. When Automatically manage signing is enabled in the target of your project, it's possible to upload the developer provisioning profile generated by Xcode instead of one from the Apple Developer Portal.
Please make sure that the signing assets you upload are really the ones you intend to sign the app with. The bundle identifier and team ID in your app will be overwritten by the settings in the signing assets.
- Mac Development: Used to enable certain app services during development and testing.
- Mac App Distribution: Used to sign a Mac app before submitting it to the Mac App Store.
- Developer ID Application: Used to sign a Mac app before distributing it outside the Mac App Store.
Provisioning Profiles (.provisionprofile)
Provisioning profiles are optional, sandboxed apps require
- Mac App Development: Install development apps on test devices.
- Mac App Store: Submitting to the Mac App Store.
- Developer ID: Use Apple services with your Developer ID signed applications.
The following signing methods are currently not supported:
Mac App Development signing does not work with manual signing and a provisioning profile. Signing an app with a Mac App Development provisioning profile requires that the UUID of the device that the app built on is provisioned in the selected profile. All of our builds run on one of our Virtual Machines chosen during runtime. Since the physical UUID of Virtual Machines changes, it's not possible to support signing with a Mac Developer certificate and provisioning profile.
Signing for the Mac App Store isn't supported since it requires that you upload two certificates.