How to check signatures on apps, installers, and packages

pkgutil --check-signature macOSUpd10.14.1.pkg

this does perform validation and report the most informative result of all:
Package “macOSUpd10.14.1.pkg”:
Status: signed by a certificate that has since expired
followed by the certificate chain. Unfortunately, pkgutil doesn’t appear able to check notarization, at least in Mojave, for which spctl is still required.


Mac package certificate has expired for Acrobat or Reader

pkgutil --check-signature 



No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *