ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Troubleshooting the invalid certificate alert while installing Symantec Encryption products on macOS

book

Article ID: 172291

calendar_today

Updated On:

Products

Symantec Products

Issue/Introduction

When installing Symantec Encryption Desktop or PGP Command Line versions 10.4.2 or earlier on macOS, an installation alert related to an invalid certificate is displayed. 

The following installation alert is displayed:

The package was signed with an invalid certificate. This package might not install what you expect. Do you want to continue with the installation anyway?

Cause

The certificate used to sign earlier versions of Symantec Encryption Desktop and PGP Command Line installers and update packages expired on July 11, 2018. Therefore, macOS displays the installation alert because of this expired certificate.

Note: The certificate used to sign Symantec Encryption Desktop and PGP Command Line installers and update packages is updated in the Symantec Encryption Desktop 10.4.2 Maintenance Pack 1 (MP1) release.

Environment

  • Symantec Encryption Desktop 10.4.2 or earlier for macOS
  • PGP Command Line 10.4.2 or earlier for macOS

 

Resolution

Consider one of the following to resolve this issue:

·       Upgrade to the Symantec Encryption Desktop or PGP Command Line version 10.4.2 MP1. The 10.4.2 MP1 installer is signed with the new certificate. Download Symantec Encryption Desktop 10.4.2 Maintenance Pack 1 and  PGP Command Line version 10.4.2 Maintenance Pack 1 from the Symantec Software Downloads site, https://fileconnect.symantec.com.

·       If you want to install Symantec Encryption Desktop or  PGP Command Line version 10.4.2 or earlier on macOS, click Continue on the installation alert window and complete the installation successfully. This issue does not affect any functionality of Symantec Encryption Desktop or PGP Command Line.

·       If you want to install version 10.4.2 or an earlier version of Symantec Encryption Desktop or PGP Command Line using a command line tool, use the –allowUntrusted option with the installation command. When the –allowUntrusted option is used, macOS allows installation of a package that is signed with an expired certificate.

Example:
For installing Symantec Encryption Desktop use the following command:

sudo /usr/sbin/installer -allowUntrusted -pkg "PGP.pkg" -target /;

For installing PGP Command Line use the following command:
sudo /usr/sbin/installer -allowUntrusted -pkg "PGP Command Line.pkg" -target /;