Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Forgets to Renew SSL Certificate, Breaking OS X Software Update [Fixed]

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
68,135
38,890



Several readers have noted a strange error message appearing when trying to perform software updates from the Mac App Store.

invalid-certificate.jpg
An Error has occurred

The certificate for this server is invalid. You might be connecting to a server that is pretending to be "swscan.apple.com" which could put you confidential information at risk.
Click to expand...
Swscan.apple.com is one of several servers that Software Update uses to communicate with Apple. The apparent problem is that the security certificate for the server appears to have expired. The certificate was originally valid from May 22, 2012 to May 24, 2014.

expired.png
This is a problem that Apple will need to fix on their side. In the meanwhile, users can manually download updates from Apple's support site.

Update: This may also be the cause of NSURLErrorDomain error -1012, which appears to have started in the same time.

Update 2: Apple appears to have fixed the certificate.

Article Link: Apple Forgets to Renew SSL Certificate, Breaking OS X Software Update [Fixed]
 
Article Link
https://www.macrumors.com/2014/05/25/apple-software-update-invalid/
I'm assuming that this is related?
 

Attachments

  • Screen Shot 2014-05-25 at 12.08.40.png
    Screen Shot 2014-05-25 at 12.08.40.png
    27.1 KB · Views: 217
Seriously?

Isn't there at least one person, at Apple, whose job is to keep things like that up-to-date?
 
All it would've taken is for whoever is in charge of swscan.apple.com to have had a brief conversation with Siri.

"Siri, Remind me to renew SSL Certificate for Swscan.apple.com on May 23. Alert me two days before, and alert me a second time on the day before."

And now Tim Cook should just say to Siri:

"Siri, Remind me to fire the guy in charge of swscan.apple.com on Monday, May 26th."
 
Last edited:
Getting use to this.

It is unfortunate, but I have come to accept that Apple is prone to lots of mistakes. Under Jobs these mistakes were limited, but now the Cook steers the ship, the waters are more hazardous.
 
It's astonishing how often this happens to businesses. Of course there's little real reason for these certificates to expire: it's just a way for the certificate-issuing cartel to leach money from businesses periodically. But that's no excuse for not keeping on top of it, just like you do with your domain names, insurance policies, utility bills, and biannual "campaign contribution" to your Congressmonster.
 
JAQ said:
It's astonishing how often this happens to businesses. Of course there's little real reason for these certificates to expire: it's just a way for the certificate-issuing cartel to leach money from businesses periodically. But that's no excuse for not keeping on top of it, just like you do with your domain names, insurance policies, utility bills, and biannual "campaign contribution" to your Congressmonster.
Click to expand...

It's a good mitigation technique. No different from changing passwords periodically, except probably more important.
 
Yvan256 said:
Isn't there at least one person, at Apple, whose job is to keep things like that up-to-date?
Click to expand...

Most likely, there are multiple people responsible for it -- and every one of them assumed that one of the others would do it. I saw that scenario multiple times throughout my career.
 
Someone just lost their end of year bonus...or their job. :apple:

Yep, I get the same error now. Yay!
 
I got this this morning and was worried it had been hacked, after reading about iCloud and activation lock possibly being compromised.

Reminds me of when someone at MS forgot the renew the hotmail.com domain and someone snapped it up.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back