Re: Verifying signature
Re: Verifying signature
- Subject: Re: Verifying signature
- From: Eli Bach <email@hidden>
- Date: Fri, 23 Jul 2010 11:18:16 -0600
On Jul 23, 2010, at 6:43 AM, sakshi wrote:
> Sorry if this is an oft discussed topic but I could not find any
> specific answer for it. I am signing my pkg using packagemaker --sign.
> I found no way of verifying the signature. One of the discussions
> mentioned that Installer includes UI for verifying the identity but I
> could not find any such thing. Does anyone know of any technique?
>
> Secondly, when I try to sign, the system throws an authentication
> dialog. I tried invoking the command with sudo yet I could not work
> around it. I would like to be able to build and sign the installer on
> any machine and manually selecting Always Allow on all machines is not
> an option. Is there any way to sign silently?
>
> Thanks,
> Sakshi
For signed packages, when you open them in Installer.app, a certificate icon will appear in the upper right corner of the window, in the window frame. You can click on it and the certificate information will be displayed [it's validity, who signed it].
I don't know what happens if the signature is found to be invalid.
Eli
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden