First time here? Check out the FAQ!
x

How do I verify that the KymaConnect installer is authentic?

0 votes
70 views
Are there any methods to verify the KymaConnect macOS installer?
asked Apr 21 in General by delora-software (Master) (3,880 points)
reshown Apr 22 by delora-software

1 Answer

0 votes
 
Best answer

The KymaConnect 2 BETA installer has been signed using tools provided by Apple. These work in conjunction with macOS's GateKeeper and other facilities to help insure that an application or installer is authentic. There are also manual checks you can easily do for further assurance. This information is also available as a download PDF available from the How To Verify The KymaConnect Installer in the Community Library. 

macOS uses GateKeeper as a way to validate downloaded applications and installers. macOS 10.15 (Catalina), and newer macOS versions, improves upon this with special requirements such as “notarizing”. Even with these automatic measures some manual precautions are still a good idea. 

Your first stop should be to make sure that macOS’s GateKeeper feature is properly set up. Open up System Preferences and click “Security & Privacy”. Select the “General” tab and you should see something like this:

page1image6045904.png

This setting informs GateKeeper of what types of software can be used. The setting should be as shown, otherwise you will not be able to install KymaConnect without using workarounds that I do not recommend. If you prefer having this set to the more strict “App Store” setting then temporarily change it to as shown and then revert back each time you need to install KymaConnect. 

When you double-click on the KymaConnect installer you should see the first installer screen. You should never see something like this: 

page1image6046736.png

If you see this click “OK” and stop. This means that there is something wrong with the installer. Please let us know about the problem by posting on the Kyma Community Forum. 

Since Apple introduced GateKeeper nearly eight years ago many users have learned the “right-click open” workaround to thwart GateKeeper so they could install “unapproved” software. When you use this trick you are bypassing many of macOS’s protections. Never install KymaConnect using this technique. You should never see a popup screen like this:

page2image6043456.png

Always click “Cancel” if you see this! 

Even with these built-in protections it is still a good idea to further verify the installer. Apple provides a way for developers to “sign” their installers so that macOS can verify their authenticity. When the KymaConnect installer runs you are greeted with this screen: 

page2image6029936.png

Notice the lock icon in the upper-right corner. macOS shows this when the installer has been properly “signed”. If you do not see the lock stop immediately and exit the installer by clicking the red button in the upper left corner. Please tell us about this by posting on the Kyma Community Forum. 

Click on the lock and you will see detailed information. Take a few moments to examine the information to further insure the the installer’s authenticity.

page3image6040128.png

Select “Developer ID Certificate Authority," If you see a different certificate authority, or the certificate doesn't have a green checkmark indicating that the certificate is valid, press OK then immediately exit the installer by clicking the red button in the upper left corner. Please tell us about this by posting on the Kyma Community Forum. 

page3image6044080.png

Click the triangle next to the word "Details" to see more information about the certificate. Scroll to the bottom of the Details section to see the SHA-256 fingerprint. Verify that the fingerprint you see is the same:

page4image6063952.png

If you do not find the identical SHA-256 data press OK then immediately exit the installer by clicking the red button in the upper left corner. Please tell us about this by posting on the Kyma Community Forum. 

Repeat this process by clicking on the “Developer ID Installer: Harmony Systems, Inc. (57DS83D5FY)”. If you see a different certificate authority, or the certificate doesn't have a green checkmark indicating that the certificate is valid, press OK then immediately exit the installer by clicking the red button in the upper left corner. Please tell us about this by posting on the Kyma Community Forum.

page4image6063536.png 

Click the triangle next to the word "Details" to see more information about the certificate. Scroll to the bottom of the Details section to see the SHA-256 fingerprint. Verify that the fingerprint you see is the same. If it is not press OK then immediately exit the installer by clicking the red button in the upper left corner. Please tell us about this by posting on the Kyma Community Forum.

page5image6043248.png 

answered Apr 21 by delora-software (Master) (3,880 points)
edited Aug 4 by delora-software
...