Provisioning Profiles And Mac App Distribution

When faced with distributing Mac OS X apps, you would deal with the following possible use cases:

  1. Distributing a development app to beta users for testing
    For this you have two choices:

    1. Don’t code sign the app and ask your beta users to allow Gatekeeper(available 10.7.5 onwards) to install apps from anywhere. Gatekeeper setting is available in Apple Menu > System Preferences > Security & Privacy > General. You won’t need any certificates or provisioning profiles if you take this path.
    2. Codesign the app with a developer certificate and a development provisioning profile that contains the mac device identifier(hardware uuid) of the beta users’ macs(like in the iOS world). This uuid can be obtained from Apple Menu > About This Mac > More Info > System Report > Hardware Overview > Hardware UUID. Relevant Gatekeeper setting needs to be applied to run apps signed this way.
  2. Distributing a production app outside of Mac App Store (say via a website)
    For this no provisioning profile is required. Only these two certificates are needed – Developer Id Application Certificate, Developer Id Installer Certificate. Gatekeeper setting should be “Allows apps from: Mac App Store and identified developers”. This is the default Gatekeeper setting. However if you have changed this setting to “Allow apps from: Mac App Store”, apps signed this way won’t run on your Mac.
  3. Distributing a production app via the Mac App Store
    For this you need a distribution provisioning profile and these two certificates – 3rd Party Mac Developer Application Certificate, 3rd Party Mac Developer Installer Certificate. Mac App Store apps are not blocked by Gatekeeper.

    Note: Distribution provisioning profiles don’t let you add devices as one would expect. They are only used for pushing apps to Mac App Store.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s