Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-56346

Update certificate definitions to match MacOS 10.15+ requirements

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 5.3.0
    • Affects Version/s: None
    • Component/s: None
    • None
    • Fully Compatible
    • Security 2022-02-07
    • 140

      Apple released some new requirements for certificates on MacOS 10.15 and newer, including M1 Macs. https://support.apple.com/en-us/HT210176
      This issue seems to have presented on our new M1 Macs we received from MacStadium:
      https://jira.mongodb.org/browse/BUILD-13029
      One of our provisioning steps is to add trusted-ca-v1.pem (Trusted Kernel Test CA) to the user and system keychain, however, we receive a "This root certificate is not trusted" message from the Keychain Access app.

      On our macos-1014 hosts, the certificates are automatically trusted when added.

      Is the fact that the certificate expired past 825 days relevant to this issue?

            Assignee:
            gabriel.marks@mongodb.com Gabriel Marks
            Reporter:
            john.chen@mongodb.com John Chen (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: