How can I determine if a certain .app file is signed

Get Info on an .app does not produce the signature information. On Windows for example, right-click > properties will expose who signed the file.

How do I obtain that info for a given .app on OS X?


Solution 1:

You can check a file by issuing the following command in Terminal:

 codesign -dv /Applications/Whatever.app

There is a free tool that implements the functions of the codesign command and extends it with a nice GUI. It's called RB App Checker (on the App Store) as well as a site describing the program http://brockerhoff.net/RB/AppCheckerLite/

I've not needed anything but these two tools for checking code signing on OS X so hopefully they fit your needs. Do check out the AppChecker if your Mac doesn't have codesign (some older ones needed Xcode to get that tool before gatekeeper shipped).

As to how you would know, the OS will show untrusted apps as dim and with a generic icon until the gatekeeper process approves a bundle to run - but that code could still be signed so you can't rely on a visual clue to necessarily tell if some code has or has not been signed - especially considering that gatekeeper could be disabled on a given Mac.