Good afternoon,
We are experiencing the attached errors on boot up with an iMac.
Can you please advise?
Thanks and kind regards, Dan Petford
This thread was automatically locked due to age.
Good afternoon,
We are experiencing the attached errors on boot up with an iMac.
Can you please advise?
Thanks and kind regards, Dan Petford
Hello!
Is it just the one iMac? The issue is that the SSL cert on the server is either not configured properly (perhaps missing intermediate certs), or you've not added the local certs to the Mac and trusted them.
The Mac clients are much more fussy about SSL, so things need to be spot on on the server. If it's a public cert (and not an internal one) then it's a little easier, but it it's internal - best to install the cert into the Keychain on the Mac and "Always Trust" the cert.
This is just on one iMac, SafeGuard works fine with no issues on the Windows based machines we have in the organisation.
Is the cert a locally minted one or something from a CA Dan?
If it's a local cert you can add it with Terminal, or the GUI - whatever's easier.
sudo /usr/bin/security add-trusted-cert -d -k /Library/Keychains/System.keychain -r trustAsRoot -p ssl yourcerthere.cer
Just had another thought - Has the cert expired on the servers? Windows clients are much less fussy here - so you may not have noticed the cert! Worth launching the path listed there and check the cert in a browser?
If the cert was expired - then the Windows machines would also fail to sync. The most likely issue is that it is a local cert. Macs require that the cert have a CA that is in their keychain - so the corporate ones like DigiCert and stuff. Go take a look at the ssl cert on the sgn server and see what the CA is. If it is a self-signed cert or the CA is the local AD - then the Macs won't trust it.
Thanks for the pointers Michael / Richard. As Dan P mentioned, we only have one iMac running Safeguard so far. The rest of the network is Windows 10 clients, and these are all syncing fine.
I remember installing both certificates on the iMac and setting them to 'always trust' but I have a feeling that at least one of them is self-signed. Will check later and confirm though :)
Thanks for the pointers Michael / Richard. As Dan P mentioned, we only have one iMac running Safeguard so far. The rest of the network is Windows 10 clients, and these are all syncing fine.
I remember installing both certificates on the iMac and setting them to 'always trust' but I have a feeling that at least one of them is self-signed. Will check later and confirm though :)