If you don't have golang installed, you need to do that and export GOPATH
if [[ ! $(go version 2>/dev/null) ]]
then
brew install go --cross-compile-common
fi
export GOPATH=${GOPATH:-$HOME/go}
mkdir -p "$GOPATH"
LINE=$(cat << EOF
export GOPATH=$GOPATH
EOF
)
FILE=$HOME/.bash_profile
# Only append LINE if file does not already contain it
grep -qF "$LINE" "$FILE" || echo "$LINE" >> "$FILE"
- Start keychain access
- Keychain access -> Certificate assistance -> Create a certificate
- Name it whatever you like (I choose AWSVAULTSIGNER)
- Check "Let me override defaults"
- Just click continue until you reach "Extended Key Usage Extension" select "Code Signing"
- Just click continue until you reach the point to select Keychain, select the System keychain
- type
codesign --force --sign name-of-certificate /Users/${HOME}/go/src/github.com/99designs/aws-vault/aws-vaultin your console - You can then sign your binary like this:
go get -u -v github.com/99designs/aws-vault
cd $GOPATH/src/github.com/99designs/aws-vault
make build
codesign --force --sign name-of-certificate ${GOPATH}/src/github.com/99designs/aws-vault/aws-vault
export PATH="$(PWD):$PATH"
# verify signature
codesign -dvv $(which aws-vault) 2>&1 | grep Authority$ codesign -dvv $(which aws-vault) 2>&1 | grep Authority
Check out Apple's guide on it here, or find it in Keychain Access > Certificate Assistant > Create Certificate > Code Signing Certificate.