File this one under “Obscure problems that could ruin your day.” TidBITS reader Randy Singer reports that due to an expired certificate, OS X installers downloaded prior to 14 February 2016 won’t work.
The Apple Worldwide Developer Relations Intermediate Certificate is required for all apps in the Mac App Store, including OS X installers. When used to sign an app, the certificate enables OS X to confirm that the app has not been corrupted or modified by an attacker. This certificate expired on 14 February 2016, causing error dialogs and preventing some apps from launching. Most apps affected have already been updated with the new certificate. But if you downloaded an OS X installer in case of trouble, you may be in for a surprise the next time you try to use it.
Take note.
Deleted. Serves me right for not reading all the way through before I post!
Edited 2016-03-03 21:03 UTC
I presume if you tick the “Allow apps downloaded from: Anywhere” option ticked in the Security and Privacy system preference panel this won’t be a problem.
So you, like, don’t actually KNOW that will work.
Why bother responding, then?
I don’t know – hence the question mark – but I wondered if changing the system preference panel would solve this problem. It seemed reasonable to toss out such an idea and see if anyone had any more concrete info – do you think that is unreasonable?
One reason I don’t know whether changing the system preference makes a difference is because I couldn’t find any actual app store installers on my system to test it on, even though I do have apps from the store installed.
As other commentators have pointed out in another thread that’s because such installers are not generally left on your machine after the app is installed.
I am struggling to understand under what circumstances this issue would manifest as a real world problem. Can anyone clarify?
No. Even with gatekeeper off (my system’s setting) it will still check app store certificates, if said app comes from the Mac App Store. Allowing apps from anywhere simply allows any app to run even without a certificate. It does not halt the certificate checks for apps that do have them.
So *everything* or just from the Mac App Store? I’m going to be honest, I can’t think of a single Mac App Store app that I have on my machine, that leaves an installer hanging about… apart form the Apple ones for the OS X install.
I’ve never seen an OS X installer “hang about” once used. The only way it does so is if you deliberately download it, then quit the installer. Generally this is done so that you can create recovery media from the particular installer to use on another machine or hard drive.
This issue would manifest if you have an OS installer in a network share or media that was downloaded from the App Store (mostly OS X, I can’t think of any of ther installed on the store) and you use it for installing on systems for upgrades and such.
Re downloading it fixes it, but that is if you can. It sucks if you have old hardware and the download is not available in the store.