SecIdentitySetPreferred behavior changed after macOS 11.3

It looks like the Apple API SecIdentitySetPreferred appends a bundle ID suffix to all newly created identity preference objects on all the paths that are fed into the API.

Before macOS 11.3: https://device.login.microsoftonline.com/

After macOS 11.3: https://device.login.microsoftonline.com/ (UBF8T346G9.com.microsoft.CompanyPortalMac)

This results in some people getting prompted for cert pickers in Safari when they hit endpoints that start with the device.login.microsoftonline.com/ prefix.

Is there any way to make SecIdentitySetPreferred behave as it did before macOS 11.3?

Think I might be experiencing the same. Safari on macOS keeps prompting for Microsoft Workplace Join Certificate and it seems to be ignoring the already configured identity preferences for https://device.login.microsoftonline.com and https://device.login.microsoftonline.com/. Clicking Continue in Safari creates a new identity preference for the same URL but appended with a long string of random characters. Can't figure out how to create a new ID preference that Safari will honor.
