xip(1) BSD General Commands Manual xip(1)NAME
xip -- Create or expand a secure archive for secure distribution.
SYNOPSIS
xip [options] --sign identity input-file ... output-archive
DESCRIPTION
The xip tool is used to create a digitally signed archive. As of macOS Sierra, only archives that are signed by Apple are trusted, and the
format is deprecated for third party use.
ARGUMENTS AND OPTIONS --sign identity-name
The name of the identity to use for signing the archive.
--keychain keychain-path
Specify a specific keychain to search for the signing identity.
--timestamp
Include a trusted timestamp with the signature.
--timestamp=none
Disable trusted timestamp, regardless of identity.
input-file ...
The path to one or more files or directories to be archived.
output-archive
The path to which the signed archive will be written.
--expand <input-file>
Expands the archive into the current working directory. This option cannot be used with any other arguments.
macOS September 23, 2011 macOS
Check Out this Related Man Page
xip(1) BSD General Commands Manual xip(1)NAME
xip -- Create a signed archive for secure distribution
SYNOPSIS
xip [options] --sign identity input-file ... output-archive
DESCRIPTION
The xip tool archives one or more files or directories into a signed XIP file. A XIP file is an analog to zip(1), but allows for a digital
signature to be applied and verified on the receiving system, before the archive is expanded. When a XIP file is opened (by double-clicking),
Archive Utility will automatically expand it (but only if the digital signature is intact).
To create a XIP file, you will need to have a certificate and corresponding private key -- together called an ``identity'' -- in one of your
accessible keychains. To add a signature, specify the name of the identity using the --sign option. The identity's name is the same as the
``Common Name'' of the certificate.
If you want to search for the identity in a specific keychain, specify the path to the keychain file using the --keychain option. Otherwise,
the default keychain search path is used.
xip will embed the signing certificate in the XIP file, as well as any intermediate certificates that are found in the keychain.
The signature can optionally include a trusted timestamp. This is enabled by default when signing with a Developer ID identity, but it can be
enabled explicitly using the --timestamp option. A timestamp server must be contacted to embed a trusted timestamp. If you aren't connected
to the Internet, you can use --timestamp=none to disable timestamps, even for a Developer ID identity.
ARGUMENTS AND OPTIONS --sign identity-name
The name of the identity to use for signing the archive.
--keychain keychain-path
Specify a specific keychain to search for the signing identity.
--timestamp
Include a trusted timestamp with the signature.
--timestamp=none
Disable trusted timestamp, regardless of identity.
input-file ...
The path to one or more files or directories to be archived.
output-archive
The path to which the signed archive will be written.
Mac OS September 23, 2011 Mac OS