WSS Agent on macOS Requires Apple Notarization
search cancel

WSS Agent on macOS Requires Apple Notarization


Article ID: 184810


Updated On:


Cloud Secure Web Gateway - Cloud SWG


Unable to install WSS Agent due to the requirement for the installation package to be notarized.

When trying to install WSS Agent on macOS Catalina, you get the following error:
""Symantec WSS Agent [version number].pkg" can't be opened because Apple cannot check it for malicious software. This software needs to be updated. Contact the developer for more information."


Web Security Service

WSS Agent



By default, macOS Catalina and versions following requires software to be notarized, so you can be confident that the software you run on your Mac doesn't contain known malware. 

The WSS Agent package itself is signed, but not notarized. The code within the package is signed and notarized. The default configuration for Catalina allows for this to be installed. However, if this default configuration has been changed, and your system requires a notarized package in addition to being just signed, please contact WSS Technical Support. The package can be notarized and provided to you. It can take up to 5 business days to provide this notarized package.

The package is not notarized because installers are created per customer to contain the tenant-specific information in a process referred to as stamping. Since notarization is a relatively long process, this cannot be done in real-time and we must provide notarized installers out-of-band when needed.


Option #1

Right-click on the software package -> Open With >

This will begin the standard setup routine and the installation succeeds. 

Option #2

If the Apple-supported method of using the context menu in option #1 is not possible and you require a notarized package, please contact WSS Technical Support. 

On the Support Ticket, please attach the following information:

In order to notarize the dmg file, the WSS Support team must have the following information:

  1. WSS Subscription ID
  2. Current .dmg file to be notarized
  3. MD5 sum of the .dmg file being notarized