Skip to content

How to digitally sign/notarize releases

In the project management docs and in office hours I have heard that releases should be signed (or notarized) with EF's signatures. How does one go about doing that for C++ binaries?

I wish to do the following:

Windows

  • Digitally sign an executable
  • Digitally sign an installer executable with the aforementioned signed executable in it

macOS

  • Notarize an app bundle
  • I would then put aforementioned app bundle into a DMG file (I can do that). At that point, I would need to sign, notarize, staple, and verify the DMG image

Linux

To be honest, I'm not 100% how GPG signatures work, I could use some guidance on that. Does EF apply that to binaries officially, or do I do that with my own signature?

I've done the Windows and macOS process on my own over the years, but with my own Windows certificate or Apple Developer certificate. I would like to do this with EF's certs now.

Thanks for any help.

Copyright © Eclipse Foundation, Inc. All Rights Reserved.     Privacy Policy | Terms of Use | Copyright Agent