Fiery Printer Driver & Expired Certificate

gskibum
Contributor III

I'm trying to install the print driver for the Xerox 550-560 with Integrated Fiery onto Sierra boxes via Self Service. Logs for the failed policy:

[STEP 1 of 5]
Executing Policy Xerox 550-560 - Install
[STEP 2 of 5]
Mounting Distribution Point
Verifying package integrity...
Copying Fiery Printer Driver.pkg...
Installing Fiery Printer Driver.pkg...
Installation failed. The installer reported: installer: Package name is Fiery Printer Driver<br/>installer: Certificate used to sign package is not trusted. Use -allowUntrusted to override.
[STEP 3 of 5]
Mapping Printer Xerox 550-560 Integrated Fiery...
[STEP 4 of 5]
[STEP 5 of 5]
Unmounting file server...

I went to the download page to see if there is an updated driver for Sierra. There is not an updated one available for Sierra. So I downloaded the El Capitan driver and tried to install it, only to be presented with a certificate error stating that the certificate was expired. I trusted the cert and the driver installed properly.

Download Link Here

Back to the log file, is there a way of overcoming this by trusting the certificate somehow?

1 ACCEPTED SOLUTION

koszyczj
New Contributor III

I would create a pkg in composer that stages the install Fiery pkg in a temp location, then add a postinstall script to execute the Fiery pkg install from that temp location using the -allowUntrusted flag....

/usr/sbin/installer -pkg /Pathtopkg/whatever.pkg -target / -allowUntrusted

Then you can just add a line to delete the Fiery pkg to clean everything up.

View solution in original post

6 REPLIES 6

koszyczj
New Contributor III

Have you tried using the -allowUntrusted flag?

gskibum
Contributor III

How is that done with a package from a third party?

Do I have to script this or is there an easier way to set the flag with packages deployed via policy?

koszyczj
New Contributor III

I would create a pkg in composer that stages the install Fiery pkg in a temp location, then add a postinstall script to execute the Fiery pkg install from that temp location using the -allowUntrusted flag....

/usr/sbin/installer -pkg /Pathtopkg/whatever.pkg -target / -allowUntrusted

Then you can just add a line to delete the Fiery pkg to clean everything up.

gskibum
Contributor III

Ah I see. I've never come across the need to do that. That is an awesome trick you've got up your sleeve there!

admin_eit
New Contributor

I have just had the same issue and although the driver worked to print there was not full functionality available. The fiery driver was crossed out when trying to select the fiery functions from the printer. On investigation if you go to http://fieryforums.efi.com/showthread.php/6520-Mac-software-installation-issues?s=edee375a94503928fd9e1f882aa7c1c8
You will see that EFI actually provide the certificate and have an updated version available.
Hope that helps other who have issues with the Xerox 550 560 fiery driver

stevewood
Honored Contributor II
Honored Contributor II

@gskibum multiple ways, something about cats, etc.... If you have AutoPkg(r) setup somewhere, you can create a Fiery driver package that will install without needing to go the Composer route. @foigus has a wonderful write up on his blog, Trial By Fiery. I've followed this process several times over the last few months, and each time I get a pretty little PKG file that I can deploy straight from Jamf Pro without having to do any further changes.