Integrity Check

Apps which have an official tag must be code signed. Unsigned official apps won’t be installable anymore. Code signing is optional for all third-party applications.

 integrity:check-app                 Check app integrity using a signature.
 integrity:check-core                Check core integrity using a signature.
 integrity:sign-app                  Signs an app using a private key.
 integrity:sign-core                 Sign core using a private key

After creating your signing key, sign your app like this example:

sudo -u www-data php occ integrity:sign-app \
   --privateKey=/Users/karlmay/contacts.key \
   --certificate=/Users/karlmay/CA/contacts.crt \

Verify your app:

sudo -u www-data php occ integrity:check-app --path=/pathto/app appname

When it returns nothing, your app is signed correctly. When it returns a message then there is an error.

integrity:sign-core is for ownCloud core developers only.

See code signing to learn more.