Certificate expiration and downloaded Mac App Store installers
Mac admins who have previously downloaded installers from the Mac App Store may be seeing some of those installers displaying warning messages and/or failing to install as of this morning.
This behavior is now appearing because the certificate Apple had been using to digitally sign installers for MAS apps has recently expired.
https://twitter.com/hunty1er/status/699048693316476928
Apple is handling the issue on their end by reissuing installers, which are signed with an updated certificate that expires on February 7, 2023. If a needed application with the correct version is still available from the MAS, the easiest fix may be to re-download the installer from the MAS. The newly-downloaded installer will be signed with the new certificate.
In the case of applications where the needed version is no longer available from the MAS, or the application itself is no longer available, there are two ways to handle this issue:
- Use the -allowUntrusted function if installing using the installer command line tool.
- Use Greg Neagle’s flatpkgfixer.py tool to remove the expired certificate from the installer package.
Having this issue with OS X installers, from Mavericks to El-Capitan.
Is there a way to allowuntrusted to this problem?
BTW, if using createOSXinstallPkg, the problems doesn’t happen.
Change computer date to something before expiration to use older packages. I tested a bunch of install configs for my laptop 2 weeks ago using my last downloaded Mavericks installer, sat down to run the real install yesterday and osx installers refused to verify and run, all of them even back ups. I noticed this same cert issue and just changed time accordingly, BAM mavericks installing.
Is there a way to check before installing what certificate an installer has in it?