diff --git a/NEWS.md b/NEWS.md
index 36d0cb7e..e0495f36 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -4,6 +4,10 @@
 
 [Unreleased]: https://github.com/electron/electron-packager/compare/v17.1.2...main
 
+### Changed
+
+* Added `osxSign.continueOnError` option. Setting it to `false` will fail the build if there was an error signing the app instead of the default behavior of printing a warning. (#1579)
+
 ## [17.1.2] - 2023-08-18
 
 [17.1.2]: https://github.com/electron/electron-packager/compare/v17.1.1...v17.1.2
diff --git a/src/mac.js b/src/mac.js
index 6eaf5245..7f8ea47d 100644
--- a/src/mac.js
+++ b/src/mac.js
@@ -351,7 +351,11 @@ class MacApp extends App {
         await signApp(signOpts)
       } catch (err) {
         // Although not signed successfully, the application is packed.
-        common.warning(`Code sign failed; please retry manually. ${err}`, this.opts.quiet)
+        if (signOpts.continueOnError) {
+          common.warning(`Code sign failed; please retry manually. ${err}`, this.opts.quiet)
+        } else {
+          throw err
+        }
       }
     }
   }
@@ -418,6 +422,11 @@ function createSignOpts (properties, platform, app, version, quiet) {
     signOpts.identity = null
   }
 
+  // Default to `continueOnError: true` since this was the default behavior before this option was added
+  if (signOpts.continueOnError !== false) {
+    signOpts.continueOnError = true
+  }
+
   return signOpts
 }
 
diff --git a/test/darwin.js b/test/darwin.js
index 0c0c108f..479ea53f 100644
--- a/test/darwin.js
+++ b/test/darwin.js
@@ -319,38 +319,44 @@ if (!(process.env.CI && process.platform === 'win32')) {
   test('osxSign: default args', t => {
     const args = true
     const signOpts = mac.createSignOpts(args, 'darwin', 'out', 'version')
-    t.deepEqual(signOpts, { identity: null, app: 'out', platform: 'darwin', version: 'version' })
+    t.deepEqual(signOpts, { identity: null, app: 'out', platform: 'darwin', version: 'version', continueOnError: true })
   })
 
   test('osxSign: identity=true sets autodiscovery mode', t => {
     const args = { identity: true }
     const signOpts = mac.createSignOpts(args, 'darwin', 'out', 'version')
-    t.deepEqual(signOpts, { identity: null, app: 'out', platform: 'darwin', version: 'version' })
+    t.deepEqual(signOpts, { identity: null, app: 'out', platform: 'darwin', version: 'version', continueOnError: true })
   })
 
   test('osxSign: optionsForFile passed to @electron/osx-sign', t => {
     const optionsForFile = () => ({ entitlements: 'path-to-entitlements' })
     const args = { optionsForFile }
     const signOpts = mac.createSignOpts(args, 'darwin', 'out', 'version')
-    t.deepEqual(signOpts, { app: 'out', platform: 'darwin', version: 'version', optionsForFile })
+    t.deepEqual(signOpts, { app: 'out', platform: 'darwin', version: 'version', optionsForFile, continueOnError: true })
   })
 
   test('osxSign: app not overwritten', t => {
     const args = { app: 'some-other-path' }
     const signOpts = mac.createSignOpts(args, 'darwin', 'out', 'version')
-    t.deepEqual(signOpts, { app: 'out', platform: 'darwin', version: 'version' })
+    t.deepEqual(signOpts, { app: 'out', platform: 'darwin', version: 'version', continueOnError: true })
   })
 
   test('osxSign: platform not overwritten', t => {
     const args = { platform: 'mas' }
     const signOpts = mac.createSignOpts(args, 'darwin', 'out', 'version')
-    t.deepEqual(signOpts, { app: 'out', platform: 'darwin', version: 'version' })
+    t.deepEqual(signOpts, { app: 'out', platform: 'darwin', version: 'version', continueOnError: true })
   })
 
   test('osxSign: binaries not set', t => {
     const args = { binaries: ['binary1', 'binary2'] }
     const signOpts = mac.createSignOpts(args, 'darwin', 'out', 'version')
-    t.deepEqual(signOpts, { app: 'out', platform: 'darwin', version: 'version' })
+    t.deepEqual(signOpts, { app: 'out', platform: 'darwin', version: 'version', continueOnError: true })
+  })
+
+  test('osxSign: continueOnError=false', t => {
+    const args = { continueOnError: false }
+    const signOpts = mac.createSignOpts(args, 'darwin', 'out', 'version')
+    t.deepEqual(signOpts, { app: 'out', platform: 'darwin', version: 'version', continueOnError: false })
   })
 
   if (process.platform === 'darwin') {
@@ -363,6 +369,19 @@ if (!(process.env.CI && process.platform === 'win32')) {
       await exec(`codesign --verify --verbose ${appPath}`)
       t.pass('codesign should verify successfully')
     }))
+
+    test.serial('end-to-end failed codesign throws an error with osxOpts.continueOnError=false', darwinTest(async (t, opts) => {
+      opts.osxSign = { identity: 'something else', continueOnError: false }
+
+      await t.throwsAsync(() => packager(opts))
+    }))
+
+    test.serial('end-to-end failed codesign does not throw an error with osxOpts.continueOnError=true', darwinTest(async (t, opts) => {
+      opts.osxSign = { identity: 'something else' }
+
+      await packager(opts)
+      t.pass('codesign should fail but continue due to continueOnError=true')
+    }))
   }
 
   test.serial('macOS: binary naming', darwinTest(binaryNameTest))