Jamf Nation Community

J_Morgan · ‎07-31-2024

So I've created a new package using Jamf Pro web GUI, pointed it to a newly uploaded file on repository, and tried to deploy, but all installs are failing because the "package could not be verified".

Never had this issue with Jamf Admin...just sayin'

Jim

SGill · ‎10-11-2024

I only meant when you have a new package to deploy, create a new entry for it in the Jamf->Computer Management -> Packages section, instead of updating an existing package definition entry there. That seems to solve the recent issue of invalid checksums (an issue Jamf Admin used to handle for us!). After you create your new entry, it is OK to update it afterwards (seems to be a 11.9 glitch with the removal of a "Ignore" setting in the verify packages sections of Computer Management -> Security settings).

View solution in original post

J_Morgan · ‎07-31-2024

This is a .pkg installer I downloaded from our GoToAssist's customer portal, not some random or self-baked .pkg

Do we need to create our own packages using Composer and add our own developer certificate of authority (which we don't have) for Jamf to be able to use this package?

Jim

AJPinto · ‎08-01-2024

Assuming the package runs fine locally, I would intercept the package that Jamf is deploying and inspect it. Packages cache to the Jamf waiting room on the device and will stay there for a few minutes. Grab the package before Jamf deletes it and look at the package with Suspicious Package and see if anything looks strange.

If the package does not run locally, then the package is bad.

As far as using composer, if you have Jamf Pro you do not need to sign in house packages. Jamf Pro does not use Apples MDM framework to deploy packages and does not care if they are signed. If you are using Jamf Now, that uses Apples MDM framework to deploy packages, and they do need to be signed.

SGill · ‎10-02-2024

We are seeing this now, too. It started with the recent upgrade of jamf pro from 11.6 to 11.9. Jamf has removed the option to ignore package verification now in Settings->Computer Management ->Package Validation, as well as having removed the app Jamf Admin in Jamf Pro 11.6. Jamf Admin used to handle the verification for us, and now both options for bypassing this are seemingly gone....

Scarecrow8745 · ‎10-03-2024

I'm just encountering this issue.

I'm currently running 'JAMF Sync' to calculate checksums. Doesn't do anything for Verification Bypass that I'm aware of, looks like JAMF only allows the option of "If checksum present".

MattuSk · ‎10-06-2024

Got the same issues

SGill · ‎10-07-2024

Jamf support had me create new (not renamed or reused) package definitions for the latest pkgs in Jamf ...that seems to have resolved the trouble we were seeing...

njablonskinvcc · ‎10-11-2024

What do you mean by create new package definitions? Having this problem with a recently created pkg from Jamf Composer.

SGill · ‎10-11-2024

I only meant when you have a new package to deploy, create a new entry for it in the Jamf->Computer Management -> Packages section, instead of updating an existing package definition entry there. That seems to solve the recent issue of invalid checksums (an issue Jamf Admin used to handle for us!). After you create your new entry, it is OK to update it afterwards (seems to be a 11.9 glitch with the removal of a "Ignore" setting in the verify packages sections of Computer Management -> Security settings).

njablonskinvcc · ‎10-11-2024

Ahh ok. That makes total sense because I'm only having this issue with an updated package. My newly created entry from yesterday is working fine. Annoying they removed the option to ignore checksums entirely. Thanks for replying!

FutureFacinLuke · a week ago

Added an FR requesting Jamf force a calculation of the checksum when a package is replaced.

Go upvote it so we can use one of the best timesavers switching to Jamf Cloud gave us.

https://ideas.jamf.com/ideas/JPRO-I-842

Jamf Nation Community

Verify package integrity - "package could not be verified"