How to check if an app is signed on macOS
App signing is a way to verify that an app is trustworthy. macOS checks an app for a valid signature and if it doesn’t have one, it will block the app from running and/or installing. There is a way to get around the stop if you want to run an unsigned app but you do so at your own risk. If you’ve installed an app, or you’re about to run one, there’s no simple way to check if it’s signed or not. You can run it and macOS will tell you it couldn’t verify something but, to be sure, you can use a free app called What’s your sign to check if an app is signed.
Check app signature
This works for apps that have not been installed, and for apps that are in the user’s Application folder. It seems that if you go to the system’s Application folder, the app won’t work. This is simple enough to work around.
First, download and install What’s your sign. The app works via the context menu and it will restart Finder once when you install it.
Navigate to an app that you’d like to verify the signature of. Right-click it and look for the ‘Signing Info’ option. Click it.
A new window will open with information on whether or not the app is signed. You can also view hash values and see who the signing authority is.
As for apps that are in the system Application folder, what you can do is, you can copy them to any other folder that’s inside your own user folder. This will do just fine since you’re only looking to verify the signature. Right-click the copied file and select the signing info option.
This works for apps that are installed, and that aren’t. If all you have is the app file that still needs to be moved to the Applications folder, you can run the signature check on it.
Signing is not something that users can control. It is up to developers to sign their apps, many do, some don’t. For those that do not sign apps, there is usually just one or two extra steps involved to get them running. That said, if you’re working in an environment where unsigned apps simply cannot be used and the app you’re looking to use is indeed unsigned, there isn’t much you can do. You can try asking the developer to have their app verified or you can look for an alternative to it.