Apple Software Lookup has an invalid certificate

Hello all, this may not be the right place to get answers for this but not sure where else to put it. Currently we are using the Apple Software lookup service to fetch available iOS updates that can be used to push updates through Declarative Management. This works fine however we have are now running into an issue https://gdmf.apple.com/v2/pmv, does not have a valid SSL certificate, which during the prototyping phase was fine as we turned off SSL cert validation to get the feature to work. Now that we are moving to make this a formal development we need to turn this on, but obviously with the URL having an invalid cert this causes all requests to throw invalid certificate errors (specifically that the root cert isn't trusted, this can also be seen when navigating to the url in a browser. Specifically it returns NET::ERR_CERT_AUTHORITY_INVALID) Is there any chance that the SSL cert for this API can be fixed?

Answered by Security Engineer in 792247022

This endpoint uses a certificate issued from an authority that is trusted by Apple's operating systems. You can find the official list of Certificate Authorities maintained by Apple on this page: https://www.apple.com/certificateauthority/

You can use the certificates from this page to configure your client such that the connection can be authenticated.

Accepted Answer

This endpoint uses a certificate issued from an authority that is trusted by Apple's operating systems. You can find the official list of Certificate Authorities maintained by Apple on this page: https://www.apple.com/certificateauthority/

You can use the certificates from this page to configure your client such that the connection can be authenticated.

Apple Software Lookup has an invalid certificate
 
 
Q