C-Command Software Forum

Signing .app to prevent Gatekeeper block

I’m releasing a .dmg with a signed .app but Gatekeeper keeps blocking my app.

I codesign my app and then use DropDMG to create the .dmg

What am I missing?
1 - Should I only sign my .app after creating the .dmg?
2 - Should the .dmg be signed as well?


The problem you are seeing is probably not related to the .dmg file or DropDMG. The app should definitely be signed before creating the .dmg. In fact, the .dmg is normally read-only, so it would not be possible to sign the .app afterwards. Disk image files do not need to be signed (and, actually, cannot be).

In order for Gatekeeper to accept the app, you can:

  1. Make sure that you are not modifying the .app after signing it.
  2. Use spctl to test the app’s signature.
  3. Make sure that System Preferences > Security & Privacy > General is set to “Allow apps downloaded from” “Mac App Store and identified developers” (or “Anywhere”).


The problem was the certificate I was using. Got it fixed now.