Skip to main content

Just a heads up that today, the installer certificates used to sign Apple OS installers (previous to Catalina) and update packages, will be expiring.



Any previous-to-this-month installer packages and OS installers (not Catalina, but earlier) will fail to run. They may report errors, or that the installer app is damaged.



Also, Apple has not updated all of the packages (ie ATM the 10.14.6 updaters, both regular and Combo, are expiring today. They're on it, but...)



I blogged in more detail about this here:
The Apple Packagepocalypse, 2019 Edition



You're going to need to audit ALL of your packages from Apple, potentially redownloading them (Suspicious Package is an incredibly useful tool for this). You're also going to need to re-download the Mojave/High Sierra/Sierra et. al. installers from Apple and, if you have any USB OS installers created, re-create them.

Hi All, I am in the middle of deploying macOSUpd10.14.6Supplemental2.pkg and SecUpd2019-005HighSierra.pkg. As of the 24th, all computer that ran either one of these updates returned this in Jamf Pro:
"Installation failed. The installer reported: installer: Package name is Security Update 2019-005
installer: Certificate used to sign package is not trusted. Use -allowUntrusted to override." as pointed out above, this is the Cert expired issue. Where can I get the updated security updates from? I need to be able to download them from an Apple site.

https://support.apple.com/downloads/

@donmontalvo I am not seeing any current updates there. They are still saying Sept 26th?

@donmontalvo even then I do not see this package : macOSUpd10.14.6Supplemental2.pkg

This one is updated, even though the page itself isn't:



Download Security Update 2019-005 (High Sierra)



If the other one isn't updated, would open a ticket with AppleCare Enterprise Support to request download link.



They're pretty quick to response. They usually have to rattle someone's cage to get these pages updated. :)

@brunerd has a great script for this - https://gist.github.com/brunerd/1e8402b70ab02115852badfd1536fd41



blog post about it - http://www.brunerd.com/blog/2019/10/28/time-to-die-when-mac-app-and-package-certificates-expire/

Reply


Terms & ConditionsCookie settings