Package Signature for 1Password 6.8.9 expires on 3/3

mlowedo
mlowedo
Community Member
edited February 2022 in 1Password 3 – 7 for Mac

For "reasons" we still have to use 1Password version 6 in our organization. We distribute the application via MDM and noticed that the package signature is set to expire on March 3rd.

This will cause deployment issues with the expired signing certificate. Redownloading the package today still show an imminent expiration.

Does 1Password plan on resigning the current package?

Here's the output of pkgutil:

Package "1Password-6.8.9.pkg":
Status: signed by a developer certificate issued by Apple for distribution
Signed with a trusted timestamp on: 2018-05-18 14:13:10 +0000
Certificate Chain:
1. Developer ID Installer: AgileBits Inc. (2BUA8C4S2C)
Expires: 2022-03-03 19:23:21 +0000
SHA256 Fingerprint:
75 74 B9 83 A6 43 7E FB 23 B9 4E B4 BE 19 F5 07 35 20 40 DB 2D 4F
99 3D 22 DA C7 6B 3B 1C 85 FF
------------------------------------------------------------------------
2. Developer ID Certification Authority
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
7A FC 9D 01 A6 2F 03 A2 DE 96 37 93 6D 4A FE 68 09 0D 2D E1 8D 03
F2 9C 88 CF B0 B1 BA 63 58 7F
------------------------------------------------------------------------
3. Apple Root CA
Expires: 2035-02-09 21:40:36 +0000
SHA256 Fingerprint:
B0 B1 73 0E CB C7 FF 45 05 14 2C 49 F1 29 5E 6E DA 6B CA ED 7E 2C
68 C5 BE 91 B5 A1 10 01 F0 24


1Password Version: 6.8.9
Extension Version: Not Provided
OS Version: Not Provided

Comments

  • Hey @mlowedo:

    We've done some testing on our end here, and we've confirmed that we were able to install 1Password 6 for Mac past the expiration date of the package signature.

    With this in mind, we're not planning on releasing a version of 1Password 6 with an updated package signature containing a changed expiration date.

    Let me know if that helps, or if you've got any further questions!

    Jack

This discussion has been closed.