FYI: Failed BridgeOS updates, SSL Inspection, and whitelisting tbsc.apple.com

sdagley
Honored Contributor II

Just an FYI... If your organization uses SSL Inspection on network traffic, and you haven't whitelisted the entire apple.com domain, you will want to add tbsc.apple.com to your whitelist. SSL Inspection on that server will result in failed installs or updates to macOS Mojave (I didn't test Catalina) when those also required a BridgeOS update be download and installed.

Apple's Use Apple products on enterprise networks doesn't yet list this server, but an update has been requested. It's now included in Apple's Use Apple products on enterprise networks document.

6 REPLIES 6

donmontalvo
Esteemed Contributor II

Did you mean tbsc.apple.com?

--
https://donmontalvo.com

sdagley
Honored Contributor II

@donmontalvo Yes. @#$%^ autocorrect stripes again. Joke intended.

DanielMa
New Contributor III

If you don't have access to Apples tool I can recommend https://marketplace.jamf.com/details/jamf-environment-test might be useful for testing Apple URLS based on that same KB article

sdagley
Honored Contributor II

@daniel.maclaughlin Thanks, that's a very handy script! You might want to edit the link you provided though as the link itself is missing

DanielMa
New Contributor III

Thanks @sdagley link has been fixed now too

gabester
Contributor III

And just because I followed the link and stared at the Marketplace page for a full 5 minutes trying to find the download link - here it is: https://github.com/jamf/Jamf-Environment-Test/releases/download/1.4/Jamf.Environment.Test.zip