OS X - how to check if installer is signed
I'm creating an installer for my application using pkgbuild and using a certificate to sign it. Is there any command which would verify that the created .pkg file is really signed (I mean - OS X will install it without saying that it comes from an unidentified developer)? I would like to use this command as a testing step in an automated workflow.
You can use pkgutil --check-signature YOUR.pkg. Sample output:
Package "Silverlight.pkg":
Status: signed by a certificate trusted by Mac OS X
Certificate Chain:
1. Developer ID Installer: Microsoft Corporation
SHA1 fingerprint: AE D0 A7 C5 31 01 2B 70 D7 FB 49 5A 23 30 3A 67 05 36 5A 11
-----------------------------------------------------------------------------
2. Developer ID Certification Authority
SHA1 fingerprint: 3B 16 6C 3B 7D C4 B7 51 C9 FE 2A FA B9 13 56 41 E3 88 E1 86
-----------------------------------------------------------------------------
3. Apple Root CA
SHA1 fingerprint: 61 1E 5B 66 2C 59 3A 08 FF 58 D1 4A E2 24 52 D1 98 DF 6C 60
Exits with 0 on success.
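For the automated workflow the question asks about, the exit status can be combined with a check of the report itself. This is an added example, not part of the original answer: the function names, the signer pinning and the second accepted status wording are assumptions that go beyond what the answer states.

```shell
#!/bin/sh
# Added example: CI gate around `pkgutil --check-signature`.
# Constructed sample, trimmed from the answer's output (fingerprint lines omitted).
SAMPLE_REPORT='Package "Silverlight.pkg":
   Status: signed by a certificate trusted by Mac OS X
   Certificate Chain:
    1. Developer ID Installer: Microsoft Corporation
    2. Developer ID Certification Authority
    3. Apple Root CA'

# first_match REGEX: print the rest of the first stdin line that starts with REGEX.
first_match() {
    sed -n -e "/^[[:space:]]*$1/{s/^[[:space:]]*$1[[:space:]]*//;p;q;}"
}

# check_pkg_report [EXPECTED_LEAF]: reads a pkgutil report on stdin.
# Returns 0 = ok, 1 = status not trusted, 2 = leaf is not a Developer ID
# Installer certificate, 3 = leaf differs from the pinned signer.
check_pkg_report() {
    report=$(cat)
    status=$(printf '%s\n' "$report" | first_match 'Status:')
    leaf=$(printf '%s\n' "$report" | first_match '1\.')   # entry 1 is the signing cert
    case $status in
        "signed by a certificate trusted by "*) ;;               # wording in the sample above
        "signed by a developer certificate issued by Apple"*) ;; # wording on later macOS releases
        *) echo "FAIL: status '${status:-missing}'" >&2; return 1 ;;
    esac
    case $leaf in
        "Developer ID Installer: "*) ;;
        *) echo "FAIL: leaf certificate '${leaf:-missing}'" >&2; return 2 ;;
    esac
    if [ -n "${1:-}" ] && [ "$leaf" != "$1" ]; then
        echo "FAIL: signed by '$leaf', expected '$1'" >&2; return 3
    fi
}

# verify_pkg PKG [EXPECTED_LEAF]: run this on the macOS build machine, e.g.
#   verify_pkg build/MyApp.pkg "Developer ID Installer: Example Corp" || exit 1
# (path and signer name are placeholders).
verify_pkg() {
    out=$(pkgutil --check-signature "$1") || {
        echo "FAIL: pkgutil exited non-zero for $1" >&2; return 1; }
    printf '%s\n' "$out" | check_pkg_report "${2:-}"
}
```

Pinning the expected signer makes the build fail if the package was signed with a different identity from the keychain than the one intended for release.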