Apple is distrusting Symantec CA

gda
Contributor

Apple seems to start distrusting Symantec certificate authorities starting from July 20, 2018.
See https://support.apple.com/en-us/HT208860

Will this have an impact on the Symantec PKI settings and certificates in Jamf Pro?

3 REPLIES 3

franton
Valued Contributor III

Slim to nothing.

The Symantec PKI is an enterprise tool for internal cert use. The depreciated certs in that KB are for the public internet.

jconte
Contributor II

The problem for us is that we use these certs for our in building wifi across the enterprise and our Macs will break because they can't update the cert until Windows (50,000+) get the new certs. Does anyone know how these are distributed to Mac's ? SWU ?

we are working on some possible alternatives but 2 weeks isn't giving us much time, hoping there is a way to temporarily prevent until we get a workaround.

Thanks

gda
Contributor

I think there will be a SWU available to distrust the Symantec CA's. Maybe it's already integrated in 10.13.6. Or it comes with some if the critical background updates.

But since @franton mentioned that Symantec PKI is a tool for internal cert use, the certs may not signed against a public available Symantec CA.