Do I need to renew the Institutional Recovery Key certificate with FileVault
-
28-04-2021 - |
Question
We plan to roll out FileVault via Apple's own MDM (Server.app). I already have some test-computers enrolled.
When I look at the certificate used for the Institutional Recovery Key, it expires in March 2019. It's a self signed certificate (created like this).
Do I need to renew this certificate? I can't find any info on this.
Solution
I advise you to test this by setting a test Mac and then starting it with a date set to April the 1st of 2019 (just after your certificate expiration date). Of course, for this test to work you will need to deactivate any automatic time synchronization:
System Preferences... > Date & Time
turn off:
Set Date & Time automatically
Licensed under: CC-BY-SA with attribution
Not affiliated with apple.stackexchange