PPPC - No Signature / Anchor Trusted

ben_hertenstein
Contributor

Referring to this article

I have run the command codesign -dr - /path/to/app and codesign -dr - /Applications/application.app for my program and I get a return answer of the executable location followed by Anchor Trusted.

When I run the same command for Google Chrome I get the whole designate => part to create a PPPC payload properly.

After digging into the plist I see that the signature is ????. I assume this means it isn't signed. I further assume that if it isn't signed I can't create a PPPC payload for it. I make that assumption from this article

1. The item being whitelisted must be code-signed

So, If it isn't signed I can not use the built in PCCC option. (Is this assumption correct)

Follow up. Can you use the PCCC Utility to do unsigned apps (in the process of testing)? Or I am just out of luck for those apps.

1 ACCEPTED SOLUTION

sshort
Valued Contributor

Yeah, an app/binary/script needs to be signed for PPPC to work. There's no distinction between a production profile and something you're just testing internally.

If you have an Apple developer account you can use those certs to sign your own app or script. You'd have to contact the developer to sign if this isn't your own app.

View solution in original post

1 REPLY 1

sshort
Valued Contributor

Yeah, an app/binary/script needs to be signed for PPPC to work. There's no distinction between a production profile and something you're just testing internally.

If you have an Apple developer account you can use those certs to sign your own app or script. You'd have to contact the developer to sign if this isn't your own app.

View solution in original post