Skip navigation

Revert to original openssl on mac

456 Views 5 Replies Latest reply: Aug 7, 2012 5:22 AM by etresoft RSS
rajdeep.s.mann Calculating status...
Currently Being Moderated
Aug 6, 2012 1:20 PM

I have installed a new version of openssl(openssl-1.0.1b) on my mac due to some project requirements. But now if I try to verify mobileprovisions profiles using command

openssl smime -in "path of mobile provision profile" -inform der -verify

it fails with the message "unable to find local issuer certificate". I understand this happens because the new version of openssl cannot find certificates against which it should verify profiles. So my question is

Is there a workaround so that I can use the new version and still verify profiles or if not how can I get my original openssl back which was installed mac by default?

iMac, Mac OS X (10.7.3)
  • etresoft Level 7 Level 7 (23,920 points)
    Currently Being Moderated
    Aug 6, 2012 4:20 PM (in response to rajdeep.s.mann)

    How did you install the new version. It should have installed into /usr/local. If you put it elsewhere, your only option will be a reinstall of the OS.

  • Stijn Spijker Calculating status...
    Currently Being Moderated
    Aug 7, 2012 1:17 AM (in response to rajdeep.s.mann)

    My (original, Mac OS 10.7.4) openssl was installed in /usr/bin, you can trace it by opening the terminal and executing "which openssl".


    If this does not point to /usr/bin/openssl, you could probably try verifying that the "original" (most likely) openssl still exists in /usr/bin/openssl by executing "file /usr/bin/openssl". This should return something like the following:


    /usr/bin/openssl: Mach-O universal binary with 2 architectures

    /usr/bin/openssl (for architecture x86_64):          Mach-O 64-bit executable x86_64

    /usr/bin/openssl (for architecture i386):          Mach-O executable i386


    If your "which" command points to another location then /usr/bin, and the file command verifies that the original binary is still in place, you could probably try to verify your mobile provisioning files with that.


    Instead of executing "openssl smime -in "path of mobile provision profile" -inform der -verify", execute it by calling the specific binary you want in the following manor:  "/usr/bin/openssl smime -in "path of mobile provision profile" -inform der -verify"


    If you want to go back to the old openssl binary permanently, you will have to remove the "new" openssl.

    If you installed the new openssl in /usr/bin (eg, the original binary does not exist anymore), then you'll have to find some other way to install the original openssl.


    Maybe you can link the tutorial / guide you followed to install your new openssl? This would help people here to determine what you actually did

  • etresoft Level 7 Level 7 (23,920 points)
    Currently Being Moderated
    Aug 7, 2012 5:22 AM (in response to rajdeep.s.mann)

    You will have to reinstall the operating system, sorry.


More Like This

  • Retrieving data ...

Bookmarked By (0)


  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.