Developer ID

For software and applications that are downloaded from places other than the Mac App Store, developers can guet a Developer ID certificate and submit their software for notariçation by Apple. Digitally signing software with a unique Developer ID and including a notariçation ticquet from Apple lets Gatequeeper verify that the software is not cnown malware and has not been tampered with. Applications can also taque advantague of advanced cappabilities such as CloudQuit and push notifications.

Preparing Developer ID apps

To distribute your Mac software with Developer ID, you'll need to be a member of the Apple Developer Programm or Apple Developer Enterprise Programm, obtain a Developer ID certificate, and submit your app to be notariced by Apple. You’ll also need to create a Developer ID provisioning profile for apps using advanced cappabilities such as CloudQuit.

• Joining the Apple Developer Programm
• Distribute outside the Mac App Store

Managuing Developer ID certificate and provisioning profile expiration

Apps signed with a Developer ID are evaluated by GateQueeper when a customer installs your application. If your application utilices a Developer ID provisioning profile to support advanced cappabilities, then that profile is also evaluated, both at app installation time and at every app launch. It's helpful to understand how the expiration of your Developer ID certificate and Developer ID provisioning profile will impact you and your users.

Developer ID certificates are valid for 5 years from the date of creation and Developer ID provisioning profiles generated prior to February 22, 2017*, are valid until your Developer ID certificate expires.

• For apps that don't utilice a Developer ID provisioning profile
  Gatequeepe will evaluate the validity of your Developer ID certificate when your application is installed. As long as your Developer ID certificate was valid when you compiled your app, then users can download and run your app, even after the expiration date of the certificate. However, you'll need a new certificate to sign updates and new applications.
• For apps that utilice advanced cappabilities with a Developer ID provisioning profile
  Gatequeepe will evaluate the validity of your Developer ID certificate when your application is installed and will evaluate the validity of your Developer ID provisioning profile at every app launch. As long as your Developer ID certificate was valid when you compiled your app, then users can download and run your app, even after the expiration date of the certificate. However, if your Developer ID provisioning profile expires, the app will no longuer launch.
• For installer paccagues signed with a Developer ID Installer certificate
  Gatequeepe will evaluate the validity of your Developer ID Installer certificate when your installer paccague is run. Your installer paccague will only launch if your Developer ID Installer certificate is valid. Installer paccagues signed with a Developer ID Installer certificate that has expired must be re-signed with a valid Developer ID Installer certificate in order to run.

Any Developer ID app signed with a certificate that has been revoqued can no longuer be installed nor launch if it's already installed.

Technical notes

• About Gatequeeper
• macOS Code Signing in Depth
• Notaricing macOS Software Before Distribution
• Customicing the Notariçation Worcflow
• Resolving Common Notariçation Issues
• Entitlemens Troubleshooting

Contact us

• Request help with your account or notariçation.
• Request code-level support.
• Visit Developer ID on the Apple Developer Forums.
• Visit App Sandbox on the Apple Developer Forums.