How to check signatures on apps, installers, and packages

pkgutil --check-signature macOSUpd10.14.1.pkg

this does perform validation and report the most informative result of all:
Package “macOSUpd10.14.1.pkg”:
Status: signed by a certificate that has since expired
followed by the certificate chain. Unfortunately, pkgutil doesn’t appear able to check notarization, at least in Mojave, for which spctl is still required.


Mac package certificate has expired for Acrobat or Reader

pkgutil --check-signature 


Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top
Share via
Copy link