Strong-name Environment
Follow the steps below to complete setting up an Apple Environment.
NOTE As you proceed through these steps, note that some of the fields may not be editable, and some fields may not appear at all. This is based on the Environment Type you selected and the Environment Template settings that your Code Signing Administrator has established.
-
Select a Signing Flow to use for this Environment. The Flow you select will be invoked when the keys associated with this Environment are used.
This field is removed from GPG Environments designated as Issuer Environments since these Environments can't be used for signing.
-
Select a Key Storage Location, which is where the private key will be stored. Selecting Software stores the key in the Trust Protection Platform Secret Store.
Other options, such as HSMs, may be available based on key storage locations configured by your Code Signing Administrator. If you plan to import an existing key currently stored on an HSM, select the HSM that stores that key.
-
Select a Creation Type, and then follow the instructions for the type you select below.
IMPORTANT Two Environments may not use the same certificate or private key. Make sure that each certificate or private key is assigned to only one CodeSign Protect Environment.
Create new key-
In the Validity Period field, enter the number of days the key should be valid for. Enter
0
for no expiration. -
Select the Key Algorithm to use when new keys are created.
Import existing key-
In the Validity Period field, enter the number of days the key should be valid for. Enter
0
for no expiration. -
Select the Signing Key to import.
Use existing key in HSM-
In the Validity Period field, enter the number of days the key should be valid for. Enter
0
for no expiration. -
From the Private Key drop-down, select the key you want to associate with this Environment. Note that it may take a few minutes to retrieve the key references from the HSM.
-
From the Public HSM Key drop-down, select the public key to associate with this Environment. This list is populated after you select the private key.
After you finish creating the Environment, you'll be able to see the HSM Key Label by opening the Project, selecting the Environment, and then clicking the Instances tab on the Environment properties.
NOTE The HSM Key Label is shown for single key Environments only.
-
- Click Create Environment.
What's Next
If you need additional Environments as part of this Project, you can create those now. A Project can have as many Environments as needed, and the Environments can be any type.
If you're done creating Environments, you can submit your Project for approval.