If you've got an old macOS install image, it will probably stop working today

2»

Comments

  • Reply 21 of 30
    arthurba said:
    It seems a bit weird to me.  I run a small software company, and we sign our installers.  When we sign the installer, the signature is timestamped.  The certificate only needs to be valid at the time of timestamping.  If you don't sign with a timestamp, then yes the signed installer is only valid for as long as the certificate is valid - but that's why you sign with a timestamp.  It's pretty standard across the industry.  It's why you can still install microsoft patches years later, or my own companies software.

    I guess Apple have done this deliberately to ensure old installers expire, but that's pretty poor behaviour.  How many Mac Admin's are today downloading / updating their cache of installers?  How many man hours of wasted time?  You can probably measure the drop in productivity against US GDP.  It should be a crime to force us all to waste so much effort.  Force employers all over the country to have their staff unproductive for a few hours - how about 4 hours of income fined from Apple - how would they feel about that?
    Yes! Apple does this to drive people to the newer OS's. Even the warning pushes you "This copy of the installer MacOS XYZ application is damaged" You could down load five or six more times from even different sources everyone will fail as the installer compares the certificate expiration date and your systems clock setting if the cert has not expired. So if you back date your system you're good to go!

    While its nice to have a properly signed installer given the date I'm using the installer, most of us just cheat as its just quicker! Many companies don't allow their users to alter their systems as often the applications and their licenses may prevent jumping to a newer OS. This gets back to how soon after a given OS release the legwork of testing and if needed getting the updated apps installed and testing them.

    Personal systems and small business's have the advantage here as they can be more fleet footed, larger companies don't always have the latitude to be as reactive.
  • Reply 22 of 30
    philboogiephilboogie Posts: 7,675member
    Still available, the lion from a mountain:
    https://www.apple.com/shop/product/D6377Z/A/os-x-mountain-lion

    zhiro
  • Reply 23 of 30
    Mike WuertheleMike Wuerthele Posts: 6,858administrator
    Apple published this today, with download links back to El Capitan. A quick check shows these all signed through 2029.

    https://support.apple.com/en-us/HT201372
    zhirojohn.b
  • Reply 24 of 30
    ITGUYINSD said:
    Samhain said:
    BigDann said:
    You know there is a very easy fix here!

    The installer looks at its certificates and the systems date. So as long as the systems date is older than the expiring cert the installer won't be the wiser!

    As an example I just installed Sierra on an old 2011 iMac. I altered the systems Date & Time setting to manual and then back dated it to Jan 2017. Restarted the system and then ran the OS installer USB thumb drive I've setup. Once done reset the Date and Time to automatic and its done!
    Workarounds (like yours) are good to know in a pinch. The fix is to download the images, with the new certificate, because setting back a system clock can have unintended consequences.


    Mike you said ‘ The fix is to download the images, with the new certificate,‘ sorry if I am being dense, but how do you do this now the installers are no longer available?
    Most are available now, minus a few. They should all be available by tomorrow.

    The key point, is if you have an install disk or update image that isn't Catalina that's older than about three weeks, you're going to need to replace it.
    Probably a dumb question, but now that the App Store is different, I can't find all the old OS versions (El Cap, Yosemite, High Sierra, etc.).  Where do we get those?
    Not a dumb question. The Medium post has most of them linked. Here they are:

    Sierra: https://support.apple.com/en-us/HT208202
    High Sierra: https://support.apple.com/en-us/HT208969
    Mojave: https://support.apple.com/HT210190
    The rest: https://support.apple.com/downloads

    Further back than that, the best way is hitting the App Store from a Yosemite Mac and checking out the Purchased tab -- assuming that's where you got the OS from.
    Thanks for posting the links, but my God they are making it hard for Mac users who cannot or do not want to install the latest system. These are not iOS users. 
    zhiro
  • Reply 25 of 30
    Mike WuertheleMike Wuerthele Posts: 6,858administrator
    BigDann said:
    BigDann said:
    You know there is a very easy fix here!

    The installer looks at its certificates and the systems date. So as long as the systems date is older than the expiring cert the installer won't be the wiser!

    As an example I just installed Sierra on an old 2011 iMac. I altered the systems Date & Time setting to manual and then back dated it to Jan 2017. Restarted the system and then ran the OS installer USB thumb drive I've setup. Once done reset the Date and Time to automatic and its done!
    Workarounds (like yours) are good to know in a pinch. The fix is to download the images, with the new certificate, because setting back a system clock can have unintended consequences.


    Apple long since stopped signing the older installers ;-{ They only update the last two OS's now. Besides, its more work resetting up the installer USB drive.

    There's no risks here! As long as you reset the Date and Time back to auto the Apple time server will set things for you. I've done quite a few systems haven't encountered any issues over the last 10 years.
    There are risks, particularly in regulated systems with data security measures, like in federal service. There are a few other potential issues, like with computers enrolled in device management or other control systems. There are also potential problems with computers that may connect to a network share that's MAC-gated.

    I agree that in small businesses there is less of one. Best practice is to to still get the new installer, like you said later.
    philboogie
  • Reply 26 of 30
    maltzmaltz Posts: 453member
    Apple published this today, with download links back to El Capitan. A quick check shows these all signed through 2029.

    https://support.apple.com/en-us/HT201372
    The link for High Sierra (10.13) takes you to the app store which then gives an error that the requested version of macOS is not available.  I assume this is because I'm running on Mojave (10.14) now and it's refusing to even download the older installer.
  • Reply 27 of 30
    Mike WuertheleMike Wuerthele Posts: 6,858administrator
    maltz said:
    Apple published this today, with download links back to El Capitan. A quick check shows these all signed through 2029.

    https://support.apple.com/en-us/HT201372
    The link for High Sierra (10.13) takes you to the app store which then gives an error that the requested version of macOS is not available.  I assume this is because I'm running on Mojave (10.14) now and it's refusing to even download the older installer.
    Yup. The terminal command will still make the install drive, though.
  • Reply 28 of 30
    maltzmaltz Posts: 453member
    maltz said:
    Apple published this today, with download links back to El Capitan. A quick check shows these all signed through 2029.

    https://support.apple.com/en-us/HT201372
    The link for High Sierra (10.13) takes you to the app store which then gives an error that the requested version of macOS is not available.  I assume this is because I'm running on Mojave (10.14) now and it's refusing to even download the older installer.
    Yup. The terminal command will still make the install drive, though.
    Not without the installer app it won't.  I can't even download the app in the first place to even run the terminal command.  It's the GET button in the app store that results in the error.
  • Reply 29 of 30
    Mike WuertheleMike Wuerthele Posts: 6,858administrator
    maltz said:
    maltz said:
    Apple published this today, with download links back to El Capitan. A quick check shows these all signed through 2029.

    https://support.apple.com/en-us/HT201372
    The link for High Sierra (10.13) takes you to the app store which then gives an error that the requested version of macOS is not available.  I assume this is because I'm running on Mojave (10.14) now and it's refusing to even download the older installer.
    Yup. The terminal command will still make the install drive, though.
    Not without the installer app it won't.  I can't even download the app in the first place to even run the terminal command.  It's the GET button in the app store that results in the error.
    Duh, yeah, sorry. I read your comment wrong.
  • Reply 30 of 30
    dr. xdr. x Posts: 282member
    maltz said:
    maltz said:
    Apple published this today, with download links back to El Capitan. A quick check shows these all signed through 2029.

    https://support.apple.com/en-us/HT201372
    The link for High Sierra (10.13) takes you to the app store which then gives an error that the requested version of macOS is not available.  I assume this is because I'm running on Mojave (10.14) now and it's refusing to even download the older installer.
    Yup. The terminal command will still make the install drive, though.
    Not without the installer app it won't.  I can't even download the app in the first place to even run the terminal command.  It's the GET button in the app store that results in the error.
    Duh, yeah, sorry. I read your comment wrong.
    I just tried the app store link for High Sierra under MacOS Catalina beta and it started the download though Software Update. I canceled it since I didn't need it but wanted to test it. Perhaps Apple fixed the issue. Try again and report back and see if it works for you. Good luck!

Sign In or Register to comment.