updated Apple Code Signing Cert for macOS installer

jcschaff · jcschaff · commit 84dab9aab06d · 2025-03-18T12:04:13.000-04:00
diff --git a/.github/workflows/CI-full.yml b/.github/workflows/CI-full.yml
@@ -32,9 +32,9 @@ jobs:
         sudo mkdir /usr/local/deploy
         sudo chmod 777 /usr/local/deploy
         cd /usr/local/deploy
-        scp ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/deploy_dir_2023_07_30.tar .
+        scp ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/deploy_dir_2025_03_18.tar .
         cd ..
-        sudo tar -xvf deploy/deploy_dir_2023_07_30.tar
+        sudo tar -xvf deploy/deploy_dir_2025_03_18.tar
         sudo chmod 777 -R deploy
     - name: Set up Python
       uses: actions/setup-python@v5
diff --git a/.github/workflows/site_deploy.yml b/.github/workflows/site_deploy.yml
@@ -59,9 +59,9 @@ jobs:
         sudo mkdir /usr/local/deploy
         sudo chmod 777 /usr/local/deploy
         cd /usr/local/deploy
-        scp ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/deploy_dir_2023_07_30.tar .
+        scp ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/deploy_dir_2025_03_18.tar .
         cd ..
-        sudo tar -xvf deploy/deploy_dir_2023_07_30.tar
+        sudo tar -xvf deploy/deploy_dir_2025_03_18.tar
         sudo chmod 777 -R deploy
     - name: setup config
       run: |
diff --git a/docker/swarm/README_Apple_code_signing.md b/docker/swarm/README_Apple_code_signing.md
@@ -0,0 +1,38 @@
+# Creating a Code Signing Certificate (.p12) from an Apple Developer ID Application Certificate
+
+This guide provides step-by-step instructions to create a code signing certificate (.p12) from an Apple Developer ID Application certificate. This certificate is used to code sign your app for distribution outside of the Mac App Store Connect.
+
+## Steps
+
+### 1. Generate a Certificate Signing Request (CSR)
+1. Open the Keychain Access application on your Mac.
+2. From the menu bar, select `Keychain Access` > `Certificate Assistant` > `Request a Certificate from a Certificate Authority...`.
+3. Enter your email address and common name. Leave the CA Email Address field blank.
+4. Select `Saved to disk` and `Let me specify key pair information`.
+5. Click `Continue` and save the CSR file to your disk.
+
+### 2. Request the Developer ID Application Certificate
+1. Go to the [Apple Developer](https://developer.apple.com/) website and log in with your Apple ID.
+2. Navigate to `Certificates, Identifiers & Profiles`.
+3. Under `Certificates`, click the `+` button to create a new certificate.
+4. Select `Developer ID Application` and click `Continue`.
+5. Upload the CSR file you generated in step 1 and click `Continue`.
+6. Download the generated certificate (`.cer` file) to your disk.
+
+### 3. Import the Certificate into Keychain Access
+1. Double-click the downloaded `.cer` file to import it into Keychain Access.
+2. The certificate should appear in the `My Certificates` category.
+
+### 4. Export the Certificate as a .p12 File
+1. In Keychain Access, locate the imported certificate under `My Certificates`.
+2. Right-click the certificate and select `Export`.
+3. Choose a location to save the file and select the `Personal Information Exchange (.p12)` format.
+4. Enter a name for the file and click `Save`.
+5. You will be prompted to create a password for the .p12 file. Enter a strong password and click `OK`.
+6. Enter your Mac user account password to allow the export.
+
+### 5. Verify the .p12 File
+1. Ensure the .p12 file is saved at the specified location.
+2. You can use this .p12 file for code signing your applications.
+
+By following these steps, you will have created a .p12 code signing certificate from an Apple Developer ID Application certificate.
diff --git a/docker/swarm/generate_installers.sh b/docker/swarm/generate_installers.sh
@@ -90,8 +90,8 @@ echo "    -e compiler_bioformatsJarDownloadURL=$VCELL_BIOFORMATS_JAR_URL \\"
 echo "    -e compiler_applicationId=$VCELL_CLIENT_APPID \\"
 echo "    -e winCodeSignKeystore_pfx=/buildsecrets/VCELL_UCONN_MS_2017.pfx \\"
 echo "    -e winCodeSignKeystore_pswdfile=/buildsecrets/VCELL_UCONN_MS_2017_pswd.txt \\"
-echo "    -e macCodeSignKeystore_p12=/buildsecrets/VCELL_APPLE_2015.p12 \\"
-echo "    -e macCodeSignKeystore_pswdfile=/buildsecrets/VCELL_APPLE_2015_pswd.txt \\"
+echo "    -e macCodeSignKeystore_p12=/buildsecrets/Apple_Dev_Id_Certificate_exp_20270924.p12 \\"
+echo "    -e macCodeSignKeystore_pswdfile=/buildsecrets/Apple_Dev_Id_Certificate_exp_20270924_pswd.txt \\"
 echo "    -e Install4J_product_key_file=/buildsecrets/Install4J_product_key_10.txt \\"
 echo "    -v $PWD/generated_installers:/outputdir \\"
 echo "    -v ${VCELL_DEPLOY_SECRETS_DIR}:/buildsecrets \\"
@@ -113,8 +113,8 @@ if ! sudo docker run --rm --cpus="1.0" \
     -e compiler_applicationId="$VCELL_CLIENT_APPID" \
     -e winCodeSignKeystore_pfx=/buildsecrets/VCELL_UCONN_MS_2017.pfx \
     -e winCodeSignKeystore_pswdfile=/buildsecrets/VCELL_UCONN_MS_2017_pswd.txt \
-    -e macCodeSignKeystore_p12=/buildsecrets/VCELL_APPLE_2015.p12 \
-    -e macCodeSignKeystore_pswdfile=/buildsecrets/VCELL_APPLE_2015_pswd.txt \
+    -e macCodeSignKeystore_p12=/buildsecrets/Apple_Dev_Id_Certificate_exp_20270924.p12 \
+    -e macCodeSignKeystore_pswdfile=/buildsecrets/Apple_Dev_Id_Certificate_exp_20270924_pswd.txt \
     -e Install4J_product_key_file=/buildsecrets/Install4J_product_key_10.txt \
     -v "$PWD"/generated_installers:/outputdir \
     -v "${VCELL_DEPLOY_SECRETS_DIR}":/buildsecrets \
