SSL certificates and MAS updates

Something that has occurred to me. I have set my keychain prefs to require the verification of both certificate types due to all the cert thefts going on. It now causes problems in the MAS where I have to turn off cert validation to apply a MAS update. I wonder if you are not tripping something in that space?

Comments

  • khadkhad Social Choreographer

    Team Member
    Hey youngjm,

    I'm not sure that I fully understand what is happening on your system. MAS updates are handled by Apple and their servers, so I'm not sure there is anything for us to do on our end. Perhaps I'm not fully understanding the issue, though. I've pinged the team to review this thread, but if you can provide any further details about what steps you are taking and what you are [not] seeing, that would be great!
  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member
    Hi youngjm,

    Can you be more specific about what you changed regarding certificate validation?

    The certificates stored within your system keychain (accessible through /Applications/Utilities/Keychain Access) are used for more than just secure web browsing, but are used by the code signing mechanism of the Mac App Store (and many other things about the system.) So it may have been that when you adjusted things, you broke the chain of trust used by the app store.

    So if you could recall what changes you made, we can see what can be done to undo those and set things correctly.

    Cheers,

    -j
This discussion has been closed.