[MacTUG] Skype for Business (Mac only) cert problem
Dani Roloson
daroloso at uwaterloo.ca
Mon Jun 3 13:48:43 EDT 2019
So I'll probably set up a post-install script to do the trust with something like
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain <certificate>
from
https://apple.stackexchange.com/questions/80623/import-certificates-into-the-system-keychain-via-the-command-line
[https://cdn.sstatic.net/Sites/apple/img/apple-touch-icon@2.png?v=b514451ec60c]<https://apple.stackexchange.com/questions/80623/import-certificates-into-the-system-keychain-via-the-command-line>
mac - Import certificates into the System Keychain via the command line - Ask Different<https://apple.stackexchange.com/questions/80623/import-certificates-into-the-system-keychain-via-the-command-line>
apple.stackexchange.com
Is it possible to copy a certificate to a machine running OS X Snow Leopard, add it to the System Keychain, then set it to "Always Trust via SSH?" And if so... how?
<https://apple.stackexchange.com/questions/80623/import-certificates-into-the-system-keychain-via-the-command-line>
________________________________
From: Mike Patterson
Sent: June 3, 2019 13:42
To: Dani Roloson
Cc: Trevor Bain; MacTUG [mactug at mailman.uwaterloo.ca]
Subject: Re: [MacTUG] Skype for Business (Mac only) cert problem
IIRC from a conversation a couple of weeks ago (I've been off a week and a half so forgive me), Paul intends to flip those certs back to publics because of issues like this..
But I would strongly recommend distributing those certificates anyway, as best/much as you can.
Mike
--
Mike Patterson - pronouns he/him - Manager, Information Security Operations
Information Security Services, University of Waterloo
+1 519-888-4567, x47178 / mike.patterson at uwaterloo.ca<mailto:mike.patterson at uwaterloo.ca>
Security Operations Centre x41125 / soc at uwaterloo.ca<mailto:soc at uwaterloo.ca>
On Jun 3, 2019, at 1:35 PM, Dani Roloson <daroloso at uwaterloo.ca<mailto:daroloso at uwaterloo.ca>> wrote:
If this is going to be an on-going problem, I probably would have packaged S4B with the certs and make it available.
I would have also have put the pointers directly to the certs rather than to the page which seems intimidating to general users.
GlobalSign Non-Public SHA1 Chain > GlobalSign Non-Public SHA1 CA - G3 SHA1 • RSA • 2048
http://secure.globalsign.com/cacert/gsintranetsslg3.crt
<http://secure.globalsign.com/cacert/gsintranetsslg3.crt>
GlobalSign Non-Public SHA256 Chain > GlobalSign Non-Public SHA256 CA - G3 > SHA256 • RSA • 2048
http://secure.globalsign.com/cacert/gsintranetsslsha256g3.crt
<http://secure.globalsign.com/cacert/gsintranetsslsha256g3.crt>
________________________________
From: Trevor Bain
Sent: June 3, 2019 12:29
To: Dani Roloson; MacTUG [mactug at mailman.uwaterloo.ca<mailto:mactug at mailman.uwaterloo.ca>]
Subject: RE: Skype for Business (Mac only) cert problem
Have had that a while back (link below) but was on Skype for Business on my Mac earlier today with no issues.
https://uwaterloo.ca/information-systems-technology/news/skype-business-s4b-login-issue-macs-march-15
Trevor
From: mactug-bounces at lists.uwaterloo.ca<mailto:mactug-bounces at lists.uwaterloo.ca> <mactug-bounces at lists.uwaterloo.ca<mailto:mactug-bounces at lists.uwaterloo.ca>> On Behalf Of Dani Roloson
Sent: June 3, 2019 12:21 PM
To: MacTUG [mactug at mailman.uwaterloo.ca<mailto:mactug at mailman.uwaterloo.ca>] <mactug at mailman.uwaterloo.ca<mailto:mactug at mailman.uwaterloo.ca>>
Subject: [MacTUG] Skype for Business (Mac only) cert problem
Others getting this?
<image001.png>
_______________________________________________
MacTUG mailing list
MacTUG at lists.uwaterloo.ca<mailto:MacTUG at lists.uwaterloo.ca>
https://lists.uwaterloo.ca/mailman/listinfo/mactug
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uwaterloo.ca/pipermail/mactug/attachments/20190603/49fee82c/attachment-0001.html>
More information about the MacTUG
mailing list