Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 9 subscribers
  • Views 1921 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Error when booting on an iMac

Dan Petford

Good afternoon,

We are experiencing the attached errors on boot up with an iMac.

Can you please advise?

Thanks and kind regards, Dan Petford



This thread was automatically locked due to age.
  • 0

    Hello!

    Is it just the one iMac? The issue is that the SSL cert on the server is either not configured properly (perhaps missing intermediate certs), or you've not added the local certs to the Mac and trusted them. 

    The Mac clients are much more fussy about SSL, so things need to be spot on on the server. If it's a public cert (and not an internal one) then it's a little easier, but it it's internal - best to install the cert into the Keychain on the Mac and "Always Trust" the cert.

  • 0 in reply to MichaelMcLannahan

    This is just on one iMac, SafeGuard works fine with no issues on the Windows based machines we have in the organisation.

  • 0 in reply to Dan Petford

    Is the cert a locally minted one or something from a CA Dan?

    If it's a local cert you can add it with Terminal, or the GUI - whatever's easier.

    sudo /usr/bin/security add-trusted-cert -d -k /Library/Keychains/System.keychain -r trustAsRoot -p ssl yourcerthere.cer

  • 0 in reply to MichaelMcLannahan

    Just had another thought - Has the cert expired on the servers? Windows clients are much less fussy here - so you may not have noticed the cert! Worth launching the path listed there and check the cert in a browser?

  • +1 in reply to MichaelMcLannahan

    If the cert was expired - then the Windows machines would also fail to sync. The most likely issue is that it is a local cert. Macs require that the cert have a CA that is in their keychain - so the corporate ones like DigiCert and stuff. Go take a look at the ssl cert on the sgn server and see what the CA is. If it is a self-signed cert or the CA is the local  AD - then the Macs won't trust it.

    RichardP

    Program Manager, Support Readiness | CISSP | Sophos Technical Support
    Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • 0 in reply to RichardP

    Thanks for the pointers Michael / Richard. As Dan P mentioned, we only have one iMac running Safeguard so far. The rest of the network is Windows 10 clients, and these are all syncing fine.

    I remember installing both certificates on the iMac and setting them to 'always trust' but I have a feeling that at least one of them is self-signed. Will check later and confirm though :)

  • 0

    I think we've managed to resolve this now. I found a spare iMac to test with and, suspecting that I'd installed the wrong certificate on the problematic iMac, installed SafeGuard on the test one but with a different certificate from our SGN server. SafeGuard on the test iMac is working perfectly, so I'm pretty sure I just need to replace the certificate on the other iMac to resolve the issue.

    Thanks for pointing us in the right direction Slight smile

    Dan W

Unfiltered HTML