- Jamf Nation Community
- Products
- Jamf Pro
- QuickTime pkg fails cause certificate issue
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-23-2015 02:38 AM
Dear Casper Folks.
Our default Apple QuickTime Package wont´t work anymore. Maybe, the problem is caused by some OS X security, gatekeeper, Xprotec or so update. But i can´t figure out. Maybe some one can give me an advice here, because the Capser Logs doen´t help me yet:
Downloading 010001.01.QuickTimePlayer.7.6.6.pkg...
This package is a PKG or an MPKG, and the index.bom file is not found. Attempting to open the package as a flat package...
Downloading https://xxxxxxxxx/xxxxxxxx/010001.01.QuickTimePlayer.7.6.6.pkg...
Installing 010001.01.QuickTimePlayer.7.6.6...
Installation failed. The installer reported: installer: Package name is QuickTime Player 7
installer: Certificate used to sign package is not trusted. Use -allowUntrusted to override.
So, obvouisly there is a cert problem. I tried installting the package on my client by my self (manual testing), and the package exit with success. So, the package itself should be ok.
Package Validation is set to "never" in JSS Computer Management. We have this problem only wit QuickTime 7.
Anyone any tips?
Solved! Go to Solution.
2 ACCEPTED SOLUTIONS
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-23-2015 04:17 AM
There was recently an issue with old packages from Apple that had expiring certs. Apple was replacing the packages with newly signed ones.
Try redowbloading the Quicktime package from Apple.
https://derflounder.wordpress.com/2015/02/10/certificate-authority-expiration-and-apple-software-updates/
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-23-2015 04:40 AM
For older Apple installers, the Apple Software Update Certification Authority certificate authority used to sign them expired on February 14, 2015.
Once the Apple Software Update Certification Authority certificate authority expired, that breaks the chain of trust for any certificates that rely on it. As a consequence, a Software Update certificate used to sign an installer which uses the expired Apple Software Update Certification Authority won’t be trusted even though the Software Update certificate itself does not expire until 2019. Instead, the Software Update certificate will show up as invalid because of an invalid issuer.
The fix is to download a new copy of the installer from Apple, or to use the installer command line tool's -allowUntrusted option to install it.
Wherever possible, I recommend downloading a new installer from Apple.
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-23-2015 03:58 AM
Did you re-package it in Composer (or similar) and sign with a developer cert? Could it be that cert has expired?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-23-2015 04:03 AM
The pkg we use is the native package from apple!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-23-2015 04:17 AM
There was recently an issue with old packages from Apple that had expiring certs. Apple was replacing the packages with newly signed ones.
Try redowbloading the Quicktime package from Apple.
https://derflounder.wordpress.com/2015/02/10/certificate-authority-expiration-and-apple-software-updates/
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-23-2015 04:40 AM
For older Apple installers, the Apple Software Update Certification Authority certificate authority used to sign them expired on February 14, 2015.
Once the Apple Software Update Certification Authority certificate authority expired, that breaks the chain of trust for any certificates that rely on it. As a consequence, a Software Update certificate used to sign an installer which uses the expired Apple Software Update Certification Authority won’t be trusted even though the Software Update certificate itself does not expire until 2019. Instead, the Software Update certificate will show up as invalid because of an invalid issuer.
The fix is to download a new copy of the installer from Apple, or to use the installer command line tool's -allowUntrusted option to install it.
Wherever possible, I recommend downloading a new installer from Apple.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-23-2015 11:33 PM
Tanks @chriscollins and @rtrouton, redownloading the Quicktime PKG from Apple solves my issue. Top Nice
