[SmartcardServices-Users] Problem recognizing Apple's Root Certification Authority cert
Shawn Geddis
geddis at me.com
Tue Dec 18 08:12:00 PST 2012
David,
I would suggest that you submit a ticket [http://smartcardservices.macosforge.org/trac/newticket] with screen shots, logs.
Since the installer is successful when the proper Intermediate CA Certificate is available, sounds like we still have some challenges on that end.
Also, what is your Gatekeeper setting ?
- Mac App Store
- Mac App Store and identified developers
- Anywhere
Having this set to anything other than "Anywhere" or not manually overriding (<control> & "Open...") the setting temporarily will prevent the launch of the installer as well.
- Shawn
______________________________________________________
Shawn Geddis geddis at me.com
Enterprise Security Consulting Engineer, Apple geddis at apple.com
MacOSForge: Smart Card Services Project Lead:
Web: http://smartcardservices.macosforge.org/
Lists: http://lists.macosforge.org/mailman/listinfo
______________________________________________________
On Dec 17, 2012, at 3:04 PM, "Kasprzyk, David C" <david.c.kasprzyk at boeing.com> wrote:
> Thanks Shawn,
>
> I just got my user to check this on his machine. Keychain reports:
>
> Evaluation Status: Success
> Certificate Status: Good
>
> This is the same as on my MBP where the install worked. We retested the
> install and got the same error.
>
> Thoughts?
>
> David
>
> On 12/10/12 8:30 AM, "Shawn Geddis" <geddis at me.com> wrote:
>
>> On Dec 7, 2012, at 4:20 PM, "Kasprzyk, David C"
>> <david.c.kasprzyk at boeing.com> wrote:
>>> I had no issue installing the Smart Card Services Update 2.0.b2 for
>>> Mountain Lion on one of my 10.8.2 machines (one that already had
>>> developer tools installed), however on a clean 10.8.2 machine. I'm
>>> unable to install the package, even after manually adding the
>>> certificate to my login key chain. I'm getting the same error that
>>> Thomas Carroll reported on Nov 8th to the list. What am I missing with
>>> my certificate install that the OS still thinks the update is untrusted?
>>
>> David,
>>
>> The best/easiest method to determine the evaluation status of a
>> certificate is to perform the following:
>>
>> 1) Launch Keychain Access
>> 2) Select (highlight) either the Intermediate Certificate or the
>> Certificate used to sign the installer
>> (Intermediate Cert: "Apple Worldwide Developer Relations Certification
>> Authority")
>> (Code Signing Cert: "Mac Developer: Shawn Geddis (732BB4NPDQ)"
>> 3) Select Keychain Access-->Certificate Assistant-->Evaluate "<name of
>> selected certificate>"...
>> 4) Select "Generic (certificate chain validation only)
>> 5) Notice the "Certificate Status" -- should be "Good"
>>
>> You will see the status of the Certificate as well as be able to click on
>> the "Show Certificate..." to see the complete Certificate Chain used for
>> Trust Validation for this certificate.
>>
>> What do you see on yours ?
>>
>> You can submit a ticket at the Project and proceed that way as well.
>>
>> - Shawn
>> ______________________________________________________
>> Shawn Geddis geddis at me.com
>> Enterprise Security Consulting Engineer, Apple geddis at apple.com
>>
>> MacOSForge: Smart Card Services Project Lead:
>>
>> Web: http://smartcardservices.macosforge.org/
>> Lists: http://lists.macosforge.org/mailman/listinfo
>> ______________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/smartcardservices-users/attachments/20121218/5f2050ff/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4382 bytes
Desc: not available
URL: <http://lists.macosforge.org/pipermail/smartcardservices-users/attachments/20121218/5f2050ff/attachment.p7s>
More information about the SmartcardServices-Users
mailing list