{"id":26976,"date":"2019-10-18T16:16:27","date_gmt":"2019-10-18T20:16:27","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=26976"},"modified":"2019-11-05T20:43:10","modified_gmt":"2019-11-06T01:43:10","slug":"beware-apple-security-certificates-after-october-24","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2019\/10\/18\/beware-apple-security-certificates-after-october-24\/","title":{"rendered":"Beware Apple Security Certificates After October 24"},"content":{"rendered":"<p><a href=\"https:\/\/eclecticlight.co\/2019\/10\/18\/beware-apple-security-certificates-after-24-october-they-may-have-expired\/\">Howard Oakley<\/a>:<\/p>\n<blockquote cite=\"https:\/\/eclecticlight.co\/2019\/10\/18\/beware-apple-security-certificates-after-24-october-they-may-have-expired\/\">\n<p>If you have macOS or other Apple installers, chances are that they&rsquo;ll be signed, or use as an intermediate certificate authority, by a certificate which expires very shortly. If you were to try installing that package, macOS will report that it&rsquo;s damaged, and can&rsquo;t be used. The installers affected can be very recent: I&rsquo;ve checked an Installer package for the Mojave 10.14.6 Supplemental Update 2, which shipped on 23 September, just a month from the date of expiration, and both its intermediate and user certificates expire on 24 October 2019.<\/p>\n<p>[&#8230;]<\/p>\n<p>This is unfortunate timing, as it&rsquo;s when those migrating to Catalina are likely to be downloading Mojave installers to give them a safe way back if necessary, or to use in a VM provided by Parallels Desktop or VMWare, for instance. In a week or two you could discover that those installers can no longer run because of this expiration. The only real solution is to wait until after 24 October, then download all important Apple installers, which should have new certificates.<\/p>\n<\/blockquote>\n\n<p>Previously:<\/p>\n<ul>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2019\/10\/15\/catalina-software-update-can-download-old-installers\/\">Catalina &ldquo;softwareupdate&rdquo; Can Download Old Installers<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2019\/08\/28\/installing-old-versions-of-macos\/\">Installing Old Versions of macOS<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2016\/02\/16\/more-mac-app-store-certificate-problems\/\">More Mac App Store Certificate Problems<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2015\/11\/12\/no-one-minding-the-store\/\">No One Minding the Store<\/a><\/li>\n<\/ul>\n\n<p id=\"beware-apple-security-certificates-after-october-24-update-2019-10-31\">Update (2019-10-31): <a href=\"https:\/\/eclecticlight.co\/2019\/10\/27\/last-week-on-my-mac-time-management\/\">Howard Oakley<\/a>:<\/p>\n<blockquote cite=\"https:\/\/eclecticlight.co\/2019\/10\/27\/last-week-on-my-mac-time-management\/\">\n<p>As usual, Apple isn&rsquo;t saying anything, not to users or developers. Its most meaningful communication about this inexcusable failure of support were the 404 errors from download pages. There&rsquo;s no explanation, no apology, no timescale, no support. Yet again, it seems to hope that if it pretends nothing has happened, we&rsquo;ll all forget about it. Just like Apple clearly did until someone&rsquo;s Calendar notified them that crucial certificates expired in a few days time.<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/derflounder.wordpress.com\/2019\/10\/28\/downloading-macos-installers-with-updated-signing-certificates-on-macos-catalina\/\">Rich Trouton<\/a>:<\/p>\n<blockquote cite=\"https:\/\/derflounder.wordpress.com\/2019\/10\/28\/downloading-macos-installers-with-updated-signing-certificates-on-macos-catalina\/\">\n<p>As a follow-up to last week&rsquo;s expiration of the certificate used to sign previously-released macOS installers, Apple has released re-signed macOS installers with the new certificate which is good until April 2029.<\/p>\n<\/blockquote>\n\n<p id=\"beware-apple-security-certificates-after-october-24-update-2019-11-01\">Update (2019-11-01): There are <a href=\"https:\/\/atp.fm\/episodes\/350\">reports<\/a> that this same issue is responsible for <a href=\"https:\/\/www.macrumors.com\/2019\/10\/28\/new-13-2-update-bricking-some-homepods\/\">HomePods getting bricked<\/a>.<\/p>\n\n<p id=\"beware-apple-security-certificates-after-october-24-update-2019-11-05\">Update (2019-11-05): <a href=\"https:\/\/twitter.com\/felix_schwarz\/status\/1190766415038550018\">Felix Schwarz<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/felix_schwarz\/status\/1190766415038550018\">\n<p>Following issues with expired #macOS installers, Apple now provides direct download (!) copies of updated installers for macOS 10.10 - 10.12. For macOS 10.13 - 10.15, Apple provides App Store links.<\/p>\n<\/blockquote>\n\n<p>See also: <a href=\"https:\/\/tidbits.com\/2019\/10\/28\/redownload-archived-macos-installers-to-address-expired-certificates\/\">TidBITS<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>Howard Oakley: If you have macOS or other Apple installers, chances are that they&rsquo;ll be signed, or use as an intermediate certificate authority, by a certificate which expires very shortly. If you were to try installing that package, macOS will report that it&rsquo;s damaged, and can&rsquo;t be used. The installers affected can be very recent: [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2019-10-18T20:16:30Z","apple_news_api_id":"076ea343-8a29-48d6-a361-63561dcab650","apple_news_api_modified_at":"2019-11-06T01:43:14Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAw==","apple_news_api_share_url":"https:\/\/apple.news\/AB26jQ4opSNajYWNWHcq2UA","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[1584,1780,30,1666],"class_list":["post-26976","post","type-post","status-publish","format-standard","hentry","category-technology","tag-homepod","tag-installer","tag-mac","tag-macos-10-15"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/26976","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=26976"}],"version-history":[{"count":5,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/26976\/revisions"}],"predecessor-version":[{"id":27197,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/26976\/revisions\/27197"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=26976"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=26976"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=26976"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}