The policy console for on-premises installations provides the option to code-sign an app at the same time as you apply security policies. 

This section describes how to set up a Mac and connect it to the console you set up in Ubuntu/Debian: Installing, upgrading, and uninstalling the policy console. The macOS signing server can be used to sign both iOS and Android apps.

Before you can secure iOS apps with the policy console, you must:

Enroll in Apple’s iOS Developer Enterprise Program.

Set up a Mac computer with the provisioning profiles that enable you to create and distribute iOS apps. This computer acts as the iOS app-signing server for the policy console.

For details about how iOS provisioning profiles work with Blue Cedar, see About iOS Provisioning and Blue Cedar.

The Apple Developer website, developer.apple.com, is the ultimate resource for iOS provisioning advice. If you’re new to developing iOS apps, the tools and documentation on the Apple Developer site can guide you through the process.

Hardware requirements

A Mac mini or similar Mac computer

Software requirements (minimum versions)

The app-signing server has been tested on these versions, but may run on newer versions.

  • OS: macOS 10.12 (Sierra), macOS 10.13 (High Sierra)
    • The system should have all the latest macOS software updates.
  • Xcode 8.3.2

iOS Developer Enterprise Program

Your Mac computer must be properly provisioned for creating and running iOS apps before you can secure apps. The specific set-up steps for different systems can vary. For more information, see About iOS Provisioning and Blue Cedar.