Signing app (macOS build step), different certificates if appstore or external

I am using Xojo in macOS and I am trying to compile a macOS application to distribute it externally BUT ALSO in appstore.

This is the first time I have done this, but from what I have read I think I need:

  • Apple distribution certificate → for the appstore
  • Developer ID application certificate → distributing outside appstore

The thing is that in the ‘Sign’ build step if I set my developer id (XXXXXXXXXX) and I have those TWO certificates in my computer, Xojo shows the following error:

Error signing application: XXXXXXXXXX: ambiguous (matches "Developer ID Application: Developer Name (XXXXXXXXXX)" and "Apple Distribution: Developer Name (XXXXXXXXXX)" in /Users/myUser/Library/Keychains/login.keychain-db)

If I delete one of the certificates from the computer keychain then it works OK, but the problem is that if I want to distribute the application in the appstore and outside the appstore the process would be ridiculous having to install and uninstall certificates every time.

Am I doing something wrong? Should this be a feature request for Xojo to handle multiple certificates?

Hi @Felipe_Alcalde

Don’t delete the certificates from your computer.

Type/paste the complete string into the Developer ID field in the Xojo IDE:

Developer ID Application: whatever-the-name-is (XXXXXXXXXX)
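Added example (not part of the thread and not Xojo's own code): a shell helper that reads the output of `security find-identity -v -p codesigning` and returns the one full identity name for a given certificate type and team ID, reporting the ambiguous case from the error above. The function name `pick_identity` and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `security find-identity -v -p codesigning` output.
# Hashes and names are placeholders, not real certificates.
SAMPLE_LISTING='  1) 1111111111111111111111111111111111111111 "Developer ID Application: Developer Name (XXXXXXXXXX)"
  2) 2222222222222222222222222222222222222222 "Apple Distribution: Developer Name (XXXXXXXXXX)"
     2 valid identities found'

# pick_identity KIND TEAM_ID   (listing on stdin; hypothetical helper)
# KIND is the certificate type, e.g. "Developer ID Application".
# An empty KIND matches on the team ID alone, which reproduces the ambiguity.
# Prints the full identity name when exactly one identity matches.
# Returns 1 when none match, 2 when several match.
pick_identity() {
    awk -v kind="$1" -v team="$2" '
        # Identity lines look like:   N) <40 hex chars> "<common name>"
        match($0, /"[^"]*"/) {
            name = substr($0, RSTART + 1, RLENGTH - 2)
            suffix = "(" team ")"
            kind_ok = (kind == "" || index(name, kind ": ") == 1)
            team_ok = (substr(name, length(name) - length(suffix) + 1) == suffix)
            if (kind_ok && team_ok) { n++; full = name }
        }
        END {
            if (n == 1) { print full; exit 0 }
            exit (n == 0 ? 1 : 2)
        }'
}

# On a Mac, feed the real keychain listing instead of the sample:
#   security find-identity -v -p codesigning | pick_identity "Apple Distribution" XXXXXXXXXX
printf '%s\n' "$SAMPLE_LISTING" | pick_identity "Developer ID Application" XXXXXXXXXX
```

The printed name is the complete string to paste into the Developer ID field, as described in the reply above.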

Thanks @Javier_Menendez. That makes sense.

I was able to create the app for distribution outside the appstore but I’m stuck on trying to distribute it IN the appstore. I’ve heard of “app wrapper” but I can’t pay for additional licenses after paying for Xojo and also the apple developer program.

These are the steps I already have completed:

I think the next step is uploading the app and one of the methods to do it is using an application that Apple offers for this purpose called “Transporter” (in the past, “application loader” was used but it was removed from latest versions of Xcode). Transporter does not admit a “.app” but I need to provide a “.pkg” or “.ipa”. And I believe that “.pkg” needs to be signed with another additional certificate (probably “Developer ID installer”). I am guessing Xojo does not have the capability of creating .ipa or .pkg files and I need to do that externally?

Is there any guide or information or some advice someone can give me on how to do this?

Thank you again

You only need to create a pkg if your application requires something special during installation, like if there are scripts that you need to run for creating a daemon or something like that. Otherwise, if it’s just as simple as copying an app bundle to the Applications directory, you will need a dmg disk image that is also signed.

For creating pkg files, I suggest the use of the Packages app.

For creating the dmg, use something like dmgcanvas.

You could also use the excellent tool AppWrapper from Sam Rowlands, which can orchestrate most of this for you.

Hi @Felipe_Alcalde

If you can read in Spanish… I recommend this blog post to you: Como subir tus macOS apps a la AppStore Connect - AprendeXojo

As explained in the blog post, apps meant to be distributed through the AppStore have to be Sandboxed + required entitlements

Also remember that you can apply Sandboxing + Hardened Runtime + Notarize your apps right from the Xojo IDE starting with Xojo 2024r4

Thank you for the reply @Greg_O. My app is very simple and does not need an installer ( .pkg), but because the Transporter app only accepts .pkg files I assume it is a requisite for the AppStore.

Awesome @Javier_Menendez. Spanish is my native tongue so I’ll definitely check out the blog post. Thank you for your help.
