Updated the code signing docs.

llvm-svn: 178352

1 files changed, 21 insertions, 27 deletions

diff --git a/lldb/docs/code-signing.txt b/lldb/docs/code-signing.txt
index 1c8220a50a2..32de788a975 100644
--- a/lldb/docs/code-signing.txt
+++ b/lldb/docs/code-signing.txt
@@ -1,6 +1,6 @@
 On MacOSX lldb needs to be code signed. The Debug, DebugClang and Release 
 builds  are set to code sign using a code signing certificate named 
-lldb_codesign. 
+"lldb_codesign". 
 
 If you have re-installed a new OS, please delete all old lldb_codesign items
 from your keychain. There will be 3: a code signing certification and a public
@@ -30,38 +30,32 @@ If you don't have one yet you will need to:
 - Click Done
 - Click on the "My Certificates"
 - Double click on your new lldb_codesign certificate
-- Turn down the "Trust" disclosure triangle
-
-	Change:
-		When using this certificate: Always Trust
-
-- Enter your login password to confirm and make it trusted
-
-The next steps are necessary on SnowLeopard, but are probably because of a bug
-how Keychain Access makes certificates.
-[Note: These also apply for Lion and Mountain Lion.]
-
-- Drag the new lldb_codesign certificate from the login keychain to
-  the System keychain in the Keychains pane of the main Keychain Access window
-  to make a copy of this certificate in the System keychain.  You'll have to
-  authorize a few more times, set it to be "Always trusted" when asked.
-- Make sure there is no "~/Desktop/lldb_codesign.cer" file on your desktop,
-  if there is one, delete it first, otherwise when you drag a copy of the
-  lldb_codesign certificate to your desktop it will get renamed as
-  "lldb_codesign_1.cer" and the security command you run below will trust the
-  old incorrect certificate.
-- Switch to the System keychain, and drag the copy of lldb_codesign you just
-  made there onto the desktop.
+- Turn down the "Trust" disclosure triangle, scroll to the "Code Signing" trust
+  pulldown menu and select "Always Trust" and authenticate as needed using your
+  username and password.
+- Drag the new "lldb_codesign" code signing certificate (not the public or private
+  keys of the same name) from the "login" keychain to the "System" keychain in the 
+  Keychains pane on the left hand side of the main Keychain Access window. This will
+  move this certificate to the "System" keychain. You'll have to authorize a few
+  more times, set it to be "Always trusted" when asked.
+- Remove "~/Desktop/lldb_codesign.cer" file on your desktop if there is one.
+- In the Keychain Access GUI, click and drag "lldb_codesign" in the "System" keychain
+  onto the desktop. The drag will create a "~/Desktop/lldb_codesign.cer" file used in
+  the next step.
 - Switch to Terminal, and run the following:
 
 sudo security add-trust -d -r trustRoot -p basic -p codeSign -k /Library/Keychains/System.keychain ~/Desktop/lldb_codesign.cer
 rm -f ~/Desktop/lldb_codesign.cer
 
-- Right click on the "lldb_codesign" certificate in the "System" keychain (NOT
-  "login", but the one in "System"), and select "Delete" to delete it from
-  the "System" keychain.
+- Drag the "lldb_codesign" certificate from the "System" keychain back into the
+  "login" keychain
+- Quit Keychain Access
 - Reboot
 - Clean by removing all previously creating code signed binaries and rebuild
   lldb and you should be able to debug.
 
-That should do it.
+When you build your LLDB for the first time, the Xcode GUI will prompt you for permission
+to use the "lldb_codesign" keychain. Be sure to click "Always Allow" on your first
+build. From here on out, the "lldb_codesign" will be trusted and you can build from the
+command line without having to authorize. Also the first time you debug using a LLDB that
+was built with this code signing certificate, you will need to authenticate once.