Q: SHA-1 certificate wrong - download Security Update 2015 -002 Apple.com
As I can't seem to login to Apple for the Software Update today, I decided to download the Security update directly.
I always check the SHA-1 certificate when I do a direct download.
After downloading the update found at Security Update 2015-002 Mavericks twice, I still find the following SHA-1 fingerprint.
1E 34 E3 91 C6 44 37 DD 24 BE 57 B1 66 7B 2F DA 09 76 E1 FD
But the linked page showing what the SHA-1 fingerprint should be How to verify the authenticity of manually downloaded Apple Software Updates - Apple Support shows
Verify that the SHA-1 fingerprint displayed matches the following fingerprint of Apple’s certificate, which is:
SHA1 FA 02 79 0F CE 9D 93 00 89 C8 C2 51 0B BC 50 B4 85 8E 6F BF
Note: Older installers could have this SHA-1 fingerprint:
SHA1 9C 86 47 71 48 B3 D7 04 24 7A 3C 3F 56 EA 2D E5 94 4B 01 C2
Either the update has been messed with or the webpage showing what the fingerprint is old. The last modified date for the verification information page is :
Last Modified: Nov 13, 2014
So which is it?
MacBook Pro, OS X Mavericks (10.9.5)
Posted on Mar 11, 2015 7:42 AM