Gatekeeper is a new security mechanism added to Mac OS X Mountain Lion. Gatekeeper is intended to prevent applications from unknown sources being installed without your knowledge. To work, this new software requires that all applications are signed with a Developer ID provided by Apple. Adobe has been working with Apple and is signing all future applications, including the CS6 products. However, older products released before this new feature (for example, all CS5 and CS5.5 products) have not been signed. Therefore, a Gatekeeper warning message appears when you try to install them on systems running Mountain Lion.

If you'd like to verify the digital signature on older, pre-Gatekeeper Adobe installers, follow the procedures below.

Verify digital signatures for pre-Gatekeeper applications

Creative suite installers (suites and point products) are named “"  To check the signature on the installer, locate the file for the installer you want to verify. If you have not enabled the Finder option to display filename extensions, you can't see the .app extension in the Finder.

To confirm that the signature on the file is valid, do the following:

  1. Open the Terminal from the /Applications/Utilities folder
  2. In the terminal window, type /usr/bin/codesign -v -vvvv
    Note: Do not enter the quotes. It is also important that there is a space after the last v in the command you've entered. Do NOT press return.
  3. Drag the “” into the Terminal window and then press return. The terminal then displays something like the following:

/Volumes/CS5_5 Design Std/Adobe CS5_5 Design Standard/ valid on disk /Volumes/CS5_5 Design Std/Adobe CS5_5 Design Standard/ satisfies its Designated Requirement

The second line, "Satisfies its Designated Requirement" is what confirms that the signature is valid. If the text does not contain this statement, then do not attempt to install the application from this installer. Its security could be compromised.

Additionally, you can also verify who has signed the file:

  1. type "/usr/bin/codesign -d -vvvv "
  2. Drag the same “” into the command window. Again, make sure that there is a space after the last v. And, don't press return until after you've dragged the file. This command  outputs something like the following:

Executable=/Volumes/CS5_5 Design Std/Adobe CS5_5 Design Standard/ …
Authority=Adobe Systems Incorporated
Authority=VeriSign Class 3 Code Signing 2010 CA
Authority=VeriSign Class 3 Public Primary Certification Authority - G5
Signed Time=Mar 29, 2011 11:03:08 AM

If the first "Authority" line is anything other than Adobe Systems Incorporated, don't trust the installer. It could have been modified after Adobe signed it.

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy