Appliance is not signed


Hello.When importing Whonix image to Virtualbox(windows), it says "Appliance is not signed"
This has been happening since sometime last year.
Virtulabox(linux) doesn’t say that.
Of course,I verified the OpenPGP signatures when I downloaded them.
Is this no problem?


Good day,

Could you perhaps provide a screenshot?

Have a nice day,



Thank you for replying.
Here’s screenshot.


I came across this when searching the Vbox forum. Vbox “appliance not singed” . It simply states that its a information message. Its up to the user to decide weather to trust that the location the file was downloaded from is trustworthy.

I’m not sure if this applies to your situation though. @Ego will be able to answer this for you.


We’re providing gpg signatures (which are state of the art) and don’t use VirtualBox’s verification feature (which doesn’t matter if you did the provided gpg verification). We haven’t checked out VirtualBox’s VM signing feature yet, but let it mature, we might look into it later.


Thank you all for your answers.