diff --git a/.github/workflows/build_multiplatform.yml b/.github/workflows/build_multiplatform.yml
index 639c69dd..21825695 100644
--- a/.github/workflows/build_multiplatform.yml
+++ b/.github/workflows/build_multiplatform.yml
@@ -299,6 +299,12 @@ jobs:
 # with:
 # path: tnc/lib/codec2
+ - name: Add MacOS certs
+ if: ${{startsWith(matrix.os, 'macos')}}
+ run: chmod +x add-osx-cert.sh && ./add-osx-cert.sh
+ env:
+ CERTIFICATE_OSX_APPLICATION: ${{ secrets.CERTIFICATE_OSX_APPLICATION }}
+ CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }}
 - name: Build binaries macOS
 if: ${{startsWith(matrix.os, 'macos')}}
diff --git a/add-osx-cert.sh b/add-osx-cert.sh
new file mode 100644
index 00000000..6da80041
--- /dev/null
+++ b/add-osx-cert.sh
@@ -0,0 +1,23 @@
+#!/usr/bin/env sh
+
+KEY_CHAIN=build.keychain
+CERTIFICATE_P12=certificate.p12
+
+# Recreate the certificate from the secure environment variable
+echo $CERTIFICATE_OSX_APPLICATION | base64 --decode > $CERTIFICATE_P12
+
+#create a keychain
+security create-keychain -p actions $KEY_CHAIN
+
+# Make the keychain the default so identities are found
+security default-keychain -s $KEY_CHAIN
+
+# Unlock the keychain
+security unlock-keychain -p actions $KEY_CHAIN
+
+security import $CERTIFICATE_P12 -k $KEY_CHAIN -P $CERTIFICATE_PASSWORD -T /usr/bin/codesign;
+
+security set-key-partition-list -S apple-tool:,apple: -s -k actions $KEY_CHAIN
+
+# remove certs
+rm -fr *.p12
\ No newline at end of file
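Review bot: The `if:` on the new "Add MacOS certs" step checks only the OS, so the signing certificate and its password are imported into a keychain for every macOS job this workflow runs, and the build steps that follow run with that identity available to `codesign`. The workflow triggers are outside the hunk; if it also runs on `pull_request`, secrets are empty for forks and the script would try to import an empty file, so I would gate the step, e.g. `if: ${{ startsWith(matrix.os, 'macos') && github.event_name != 'pull_request' }}`. The script is added with mode 100644, which is why `run:` needs `chmod +x`; committing it executable or calling `sh ./add-osx-cert.sh` would be simpler.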
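Review bot: add-osx-cert.sh has no `set -eu` and expands `$CERTIFICATE_OSX_APPLICATION` and `$CERTIFICATE_PASSWORD` unquoted, so an empty secret or a failed `security import` goes unnoticed, and a password containing spaces or glob characters is split into several arguments. The decoded `certificate.p12` is written into the checkout and removed only by the last line, so once errors are made fatal any earlier failure would leave the private key in the workspace; writing it to the runner's temp directory and removing it from an exit trap avoids that, and also replaces `rm -fr *.p12`, which deletes every .p12 in the directory rather than just the one created here. The keychain password is the fixed string `actions` and the keychain is never deleted, which is tolerable on an ephemeral hosted runner but would leave the signing key behind on a self-hosted one.

```shell
#!/usr/bin/env sh
set -eu
umask 077

KEY_CHAIN=build.keychain
# Keep the decoded key out of the checkout; the trap removes it on every exit path
CERTIFICATE_P12="${RUNNER_TEMP:-${TMPDIR:-/tmp}}/certificate.p12"
trap 'rm -f "$CERTIFICATE_P12"' EXIT

printf '%s' "$CERTIFICATE_OSX_APPLICATION" | base64 --decode > "$CERTIFICATE_P12"

# … unchanged: create-keychain, default-keychain, unlock-keychain …

security import "$CERTIFICATE_P12" -k "$KEY_CHAIN" -P "$CERTIFICATE_PASSWORD" -T /usr/bin/codesign

# … unchanged: set-key-partition-list; the trailing rm is covered by the trap …
```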