@@ -193,3 +193,38 @@ $ spctl -a -vvv -t install $HOME/Desktop/Electrum-4.5.8.app
193193source=Notarized Developer ID
194194origin=Developer ID Application: Electrum Technologies GmbH (L6P37P7P56)
195195```
196+
197+ ### How to simulate the signing procedure?
198+
199+ It is possible to run `sign_osx.sh` using a self-signed certificate to test the
200+ signing procedure without using a production certificate.
201+
202+ Note that the notarization process will be skipped as it is not possible to notarize
203+ an executable with Apple using a self-signed certificate.
204+
205+ #### To generate a self-signed certificate, inside your **MacOS VM**:
206+ 1. Open the `Keychain Access` application.
207+ 2. In the menubar go to `Keychain Access` > `Certificate Assistant` > `Create a Certificate...`
208+ 3. Set a name (e.g. `signing_dummy`)
209+ 4. Change `Certificate Type` to *'Code Signing'*
210+ 5. Click `Create` and `Continue`.
211+
212+ You now have a self-signed certificate `signing_dummy` added to your `login` keychain.
213+
214+ #### To sign the executables with the self-signed certificate:
215+
216+ Assuming you have the two unsigned outputs of `make_osx.sh` inside `~/electrum/dist`
217+ (e.g. `Electrum.app` and `electrum-4.5.4-1368-gc8db684cc-unsigned.dmg`).
218+
219+ In `~/electrum` run:
220+
221+ `$ CODESIGN_CERT="signing_dummy" ./contrib/osx/sign_osx.sh`
222+
223+ After `sign_osx.sh` finished, you will have a new `*.dmg` inside `electrum/dist`
224+ (without the `-unsigned` postfix) which is signed with your certificate.
225+
226+ #### To compare the unsigned executable with the self-signed executable:
227+
228+ Running `compare_dmg` with `IS_NOTARIZED=false` should succeed:
229+
230+ `$ IS_NOTARIZED=false ./electrum/contrib/osx/compare_dmg <unsigned executable> <self-signed executable>`
0 commit comments