A developer signed an installer package in April 2017 and it’s still valid, but Apple signed a Catalina installer app in December 2019 and its certificate has now expired. This article explains why.
signature
An overview of code signing and certificate requirements to come when macOS 27 is released in a few months, supporting only Apple silicon Macs. How Intel Macs will be affected in the near future.
How Mac applications evolved from a multitude of resources to a bundle formed from a standard layout of directories, and how they have come to be largely self-contained in macOS 26.
From its introduction in Leopard in 2006, some were predicting no good would come of it. From 2012 it became important with Gatekeeper, then came notarization in 2018.
We want confidence that all executable code is exactly as was built by its developer, and if any is found to be malicious, we want macOS to be able to block its launch.
Although macOS won’t tell, Apparency will, even down to launch constraints. Other alternatives, and how to check in the command line.
How is it going to be harder to run apps that haven’t been notarized in Sequoia, and does it bring any benefit in return for the inconvenience?
Why XProtect Remediator scans can report BadPluginServiceSignature status_code 31 and abort, and why you don’t need to do anything about it.
What is going to change in notarization and code signing? Will sandboxing be required? How does this affect privacy controls?
Causes include code signature errors, app translocation, damaged documents, and corrupted or incompatible preference file.
The Eclectic Light Company 