Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
OS X Installers Downloaded Prior to February 14 No Longer Work After Certificate Update
- Thread starter MacRumors
- Start date
- Sort by reaction score
I have 10.5 to 10.11 running on my 2008 Xserve on many partitions and the rest are install ISOs just in case I ever need to sort out an older Mac.
Gorgeous.Yay more downloading for me...
![woops.jpg]()
We all have very little control over our lives, much less than we actually realize or admit.
Recent versions of Windows do code-signing too.
in fact just recently, Microsoft had a certificate SNAFU that was far worse:
http://news.softpedia.com/news/serv...-ca-audit-data-from-its-partners-501357.shtml
Essentially they lost the audit trail for a bunch of root certificates. Because they're a root CA they threatened via automated script to remove everybody's certificates. Because they had a system failure, lost data and didn't have a recent enough backup.
What Apple did is standard operating procedure. What Microsoft just did most certainly is not.
It would be nice if they provided a process for the end user to re-sign the installers, but that would mean anyone could tamper with them and re-sign them as well.
Last edited:
This unfortunately is the final nail in the coffin for bootable dvd installers. Although apple dropped this with lion, it has been possible to make them since then. But they too will be inflicted by this problem. It will of course be possible to circumvent the problem with the date trick. But you shouldn't have to.
The main advantage bootable usbs have had over dvds is that they boot much faster.
But there is another advantage. The bootable usbs can be updated and the dvds can't. If you want dvds you will have to burn new ones.
I've now made 5 new bootable usbs for the systems that now require it. That was painful - but manageable.
But I REALLY hate having to recreate the dvds. Not sure I can contain my rage on that one. This may well be the last time I make them.
The main advantage bootable usbs have had over dvds is that they boot much faster.
But there is another advantage. The bootable usbs can be updated and the dvds can't. If you want dvds you will have to burn new ones.
I've now made 5 new bootable usbs for the systems that now require it. That was painful - but manageable.
But I REALLY hate having to recreate the dvds. Not sure I can contain my rage on that one. This may well be the last time I make them.
That worked, and thanks so much for the tip. I'd prepared a flash drive to reload OSX on a new drive, got the error message, ran Terminal and entered the date command, and I was good to go. ☺️
Well, if I want to install an backed up OS copy and can't this is simply ****ed up.
I could infinitely reinstalled Mac OS X 10.3, 10.4, 10.5 (just did last year on my upgraded Cube (1.2 GHz CPU and SSD, Radeon graphics ...) 10.6 etc. pp. And now just due to some stupid certificate expiration we need to download tons of GB again, which usually do not load on new Macs anymore. And who guarantees that you can reload an older release in a year or five? And why is there no "certificate warning box" to review the details and dismiss in case of - like for SSL certs in the browser?
Well done and sophisticated UI and software design is something else, …
[doublepost=1457292243][/doublepost]
And then a museum wants to restore it on an exhibition piece? Thanks god it appears you can tweak the date to work around it for now ;-/ !
Infuriating. I don't mind having a more secure system, its why I moved to OSX from Windows years ago. But seriously... like everyone else says... this is MY computer, and I should be able to download whichever OS I want. I just want to store the damn things so it does not matter one whit whether its currently compatible. Just makes me want to downgrade all the way to Snow Leopard (which is what my Macs came with). *GRUMBLE*
Unfortunately the last 30-40 years of computing has proven that letting people run anything doesn't work. Because no computer user is in a position to audit the code they run before they run it to verify it is authentic, every single time they run it.
The PC world allows for third party certificates to be used by installing your own certificates into the EFI/BIOS. Perhaps this is something apple should consider.
But the number of users this affects is relatively small, and it opens up a potential problem where malware could potentially install its own certificate into the EFI, or trick the user into doing so.
So unfortunately, this is a cost of having a secure platform these days - because the average user doesn't understand how to verify software and even those who do simply do not have the time to do so every time they execute something.
Are you saying that they are smart enought to create a new designed obsolescence but dumb enought to allow you can set the date back on computers?
I know I was pointing out that if they really wanted to create a planned obsolescence the first thing they would have looked at would be not allowing to set the date back...
Of course they wouldn't have relased update installers either....
This actually makes perfect sense. An up to date USB installer requires a minimal amount of updates post installation. An installer is easy to create. DiskMaker X takes the hard work out of it and v.5 is compatible with El Capitan. I've now updated USB installers for OS X Mavericks, Yosemite and El Capitan with this useful tool
http://diskmakerx.com
[doublepost=1457341156][/doublepost]
21.5" mid 2011 iMac running OS X El Capitan and Snow Leopard.
[doublepost=1457341438][/doublepost]
http://kb.parallels.com/en/123276
Wish I could find a way to run OS X Tiger in a virtual environment.
http://diskmakerx.com
[doublepost=1457341156][/doublepost]
A veritable treasure trove of OS X releases. I only have images going back to OS X 10.5 Leopard. You never know when those old images may come in useful. One thing that is glaringly obvious is how much the OS X images have grown in size. OS X Tiger 2.74 GB to OS X Leopard the following release 7.63 GB. A massive bump.Yay more downloading for me...
![woops.jpg]()
21.5" mid 2011 iMac running OS X El Capitan and Snow Leopard.
[doublepost=1457341438][/doublepost]
OS X Leopard Server and OS X Snow Leopard Server will run in a virtual environment on Parallels Desktop 11
http://kb.parallels.com/en/123276
Wish I could find a way to run OS X Tiger in a virtual environment.
All those poor people finding themselves in the middle of the Sahara Desert and in desperate need to reinstall their Macs!
I haven't verified this since I came across this. But the older installers I've created from the ESD files did seem to work on the last machine I restored Yosemite onto (2 weeks back). The USB I tried creating at the end of February however wouldn't work at all. Had to dig out the older ones I made last year. The one's I had attempted recently I tried building by hand with the terminal, and through DiskMaker X 5. It would complete building, but would refuse to install.
Changing the date of the machine may allow the post-expiration built installers to work.
That works in theory. In practice downloading installers every time Apple screws up with certificates isn't practical because not everyone has a fast internet. And even with relatively fast broadband downloading installers and updating installer media takes a long time.
I hope Apple finally wakes up and creates a GUI option to create installer like DiskMaker X does. Memory stick is much faster and reliable than relying on internet recovery if one needs to reinstall OS X.
Sucks, but people just have to deal with the fact that you're going to need an internet connection sooner or later.
Let's see...how long will it take me to re-download Lion, Mountain Lion, Mavericks, Yosemite, and El Capitan on my 768 kbps (at best) internet connection?
Following up on my post, it took just under 12 hours for me to download Lion.
In my experience this means you did download it, and you have a local copy somewhere. I believe the default location is Applications (not Downloads). But it could be anywhere, so use Spotlight to find it and delete it. Then the download links are no longer greyed out and you can get a fresh copy.