-
Notifications
You must be signed in to change notification settings - Fork 32
Notarization Guide
This is a tutorial to explain how to notarize your macOS installer.
Important: In order to notarize your software for macOS distribution, you need to have an installer in the first place.
Step 1
You can only notarize plug-ins that have been codesigned with an Apple certificate.
See the Dplug Installer Guide for how to codesign plug-ins and get these certificates.
Step 2
Create app-specific passwords for altool
and stapler
. Add these passwords to your keychain.
Follow this tutorial below:
- SD notary: Notarizing Made easy (see section "App-specific password")
Step 3
Add 3 keys to your plugin.json
.
-
vendorAppleID
is your Apple ID identifier, used for notarization services: -
appSpecificPassword-altool
is the App Specific Password created with the method in Step 3, foraltool
. -
(deprecated)
appSpecificPassword-stapler
is the App Specific Password created with the method in Step 3, forstapler
. The two passwords can eventually be the same if configured that way.
Example:
"vendorAppleID": "[email protected]",
"appSpecificPassword-altool": "zegz-tyui-azpr-soln"
Alternatively, you can use a single
"keychainProfile-osx"
key in youplugin.json
that replaces the above 3 keys. This will use the--keychain-profile
flag.
Step 4
Build your Mac plug-ins normally with dplug-build
, using both the --installer
and --notarize
switches.
REQUIREMENTS
Notarization requires at a minimum:
- Xcode 10 or superior,
- Dplug v9.0.2 or superior,
- PACE Eden Tool v5 or superior (if you want AAX support).
References: