tauri-code-signing_skill

This skill guides you through code signing and notarization for Tauri apps across Android, iOS, Linux, macOS, and Windows.

12

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill dchuk/claude-code-tauri-skills --skill tauri-code-signing

  • SKILL.md11.1 KB

Overview

This skill guides you step-by-step through code signing and notarization for Tauri v2 apps on Android, iOS, Linux, macOS, and Windows. It explains certificate types, local and CI/CD certificate handling, and configuration snippets for tauri.conf.json and build pipelines. The focus is practical: create keys, prepare build configs, and automate signing in CI.

How this skill works

The skill inspects platform-specific signing requirements and provides commands and configuration examples to generate, export, and use certificates or keys. It maps required environment variables to CI/CD workflows, shows how to embed signing steps into Gradle, GitHub Actions, or PowerShell, and covers notarization and signature validation for macOS and AppImage. It also explains optional and mandatory steps per distribution channel.

When to use it

  • Preparing release builds for app stores (Google Play, App Store)
  • Automating signing and notarization in CI/CD pipelines
  • Distributing signed desktop packages on macOS, Windows, and Linux
  • Testing signed builds locally before publishing
  • Integrating cloud-based signing (Azure Key Vault, Trusted Signing)

Best practices

  • Never commit private keys, keystore.properties, or base64-encoded certificates to version control; use secrets management.
  • Use App Store Connect API keys for automated macOS/iOS notarization rather than interactive Apple ID when possible.
  • Store certificates encrypted as CI secrets and decode them during the build pipeline, then import into a temporary keychain or certificate store.
  • Use EV certificates for Windows to ensure immediate SmartScreen reputation when required.
  • Keep signing configuration centralized in tauri.conf.json and reference environment variables for secrets.

Example use cases

  • Generate a Java Keystore locally and wire keystore.properties into Gradle for Android release builds.
  • Export an iOS .p12 and provisioning profile to base64 secrets and configure CI to import them for App Store uploads.
  • Create a GPG key and enable SIGN=1 to produce and validate signed AppImage artifacts for Linux distributions.
  • Import a .pfx in a Windows runner and set certificateThumbprint in tauri.conf.json to sign installers and satisfy SmartScreen.
  • Configure Azure Key Vault or a custom signCommand in tauri.conf.json to offload private key management and sign Windows binaries in CI.

FAQ

Yes. Apple Developer Program enrollment is required for distribution and notarization; free accounts cannot notarize apps for wide distribution.

How should I store certificate files for CI?

Export certificates to .p12 or .pfx, base64-encode them, store as CI secrets, decode into a temporary file during the job, import into keychain or cert store, then remove artifacts.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
tauri-code-signing skill by dchuk/claude-code-tauri-skills | VeilStrat