Welcome to our community!

Digitally signed pkg files for MDM deployment to macOS systems

Avatar
Andrea Rochira
  • updated
  • Pending Review

Our company recently transitioned to ConnecWIse Control. A great product, although on macOS systems, Gatekeeper dislikes the "unidentified developer" property of the pkg file. 

This poses two problems:

  • many times, the support technicians have to guide end-users through multiple System Preferences settings in order to successfully establish a connection
  • when the pkg file is deployed through an MDM platform (and it's not internally signed by the company), the installation fails 

It would be much appreciated to include one of the following features in Control:

  • pkg files automatically signed by ConnectWise
  • upload a company developer certificate that can be used to sign the pkg files

Thanks


Duplicates 3
Allow upload of developer certificate for signing mac installers

Unsigned packages are particularly hard to deal with on a remote session.


Developer Identities are $99 a year and easy enough to purchase. It would be great if a screenconnect server could store ours, and allow for on-the-fly signing of packages.

add version number in MacOS pkg file for MDM deployment.

Currently the .pkg package does contain a buildNumber (eg. 6.6.18120.6697) but not a VersionNumber. We just had a Microsoft PSS call regarding not installing this package through intune and their conclusion was the missing version number. 


To quote MS "his is limited by what is supported by the Mac OS MDM.  The version is not in the intunemac file but in the actual application packaging. To make such a change will require contacting the person/company that created the app and suggest they make the necessary changes."


Please add the VersionNumber property to the .pkg installer for connectwise control.


Kind regards,

Marco

have the .pkg installer signed
Replies 19
Avatar
0
kginger

Would love to see this. Users have to have admin rights and right-click the app to allow it to run: https://support.apple.com/kb/PH18657?locale=en_US

Avatar
0
peusch

We're having a similar issue with non-admin domain users who are remote, so this would be a fantastic addition.

Avatar
0
Jake McKean

+1 on this. We use ScreenConnect exclusively in a Mac environment and we fight this constantly. Plus it makes our customers look askance at our installers...

I would love a simple plugin method to use our own Apple Developer Certificate, but I would settle for having you sign the packages.

Avatar
2
Will Polley

Any progress on this feature review?

Avatar
1
peusch

We're still waiting as well to hear about this.

Avatar
0
jeremy

We would also love to have this feature please. Will make it much easier on the client end, and save us some sanity !

Avatar
0
joshthree

Making this problem go away for a mere $99 a year would be a dream. I probably spend an extra 30-45 minutes every week onboarding mac clients. And it's probably my worst 30-45 minutes of each week :) (on a positive note your 6.1 update has been absolutely fantastic for those of us on the mac side. seriously upped my productivity working via remote access)

Avatar
0
jake

A year now of waiting for any response on this. This is the single biggest feature you could implement to make Mac users live easier.

Avatar
1
Will Polley
Quote from anonymous

Hello All,

Please take a look at this post:

http://forum.screenconnect.com/yaf_postsm36955_Signing-the-Mac-Installer-Package.aspx

That's great if you have access to a Mac to maintain updated signed pkgs.


However, I'm sure everyone here would like to not have another manual process to manage.



Top contributors
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar