Help

Modifying a Self Service Policy To Install iLife With -allowUntrusted Flag

erier2003
New Contributor

Posted on ‎06-26-2013 11:12 AM

The title says it all. I've made a policy that allows users in a specific group (on any machine) to install a suite of iLife packages. When I run the self-service operation, it fails, and checking the console produces this log item for each of the PKGs:

installer: Certificate used to sign package is not trusted. Use -allowUntrusted to override.
Wed Jun 26 13:55:25 Burtless jamf[4559]:    Installing iLifeCookie.pkg...
Wed Jun 26 13:55:25 Burtless jamf[4559]:    Installation failed. The installer reported: installer: Package name is iLifeCookie

Where do I go to add this allowUntrusted flag to the installation process?

0 Kudos
1 REPLY 1

mm2270
Legendary Contributor III

Posted on ‎06-26-2013 11:17 AM

You likely have an old copy of your iLife installer. A while back the certs Apple used to sign packages had expired and the packages had to be resigned. Best option is to obtain a new copy, but if that isn't possible, then you might want to take a look at various posts from Greg Neagle's blog on this-
http://managingosx.wordpress.com/2012/03/24/package-apocalypse/
http://managingosx.wordpress.com/2012/03/24/fixing-packages-with-expired-signatures/

Second link in particular should help you if you can't obtain a package with a non expired certificate.

0 Kudos