Root Certificates

For the odd user running into a "Cannot reach server" error.

Only concerns users with macOS 10.14 or older that get a "Cannot Reach Server" error.

All macOS versions older than Catalina (10.15) use an expired root certificate, which can cause secure connections to online servers to fail. Therefore, activation and deactivation are not possible without removing the expired certificate first. (Background information)

To remove the expired certificate, make sure to go through the following steps:

1. Open Finder and choose "Go to Folder" in the "Go" menu (Shift-CMD-G):

2. Enter this path /etc/ssl/cert.pem and click Go

3. Before editing the cert.pem file, duplicate it by right-clicking → Duplicate (Authenticate when prompted for your password):

4. In Finder, right-click on cert.pemOpen WithOther...

5. Select TextEdit to open the file:

6. Search for 44:af:b0:80:d6:a3:27:ba:89:30:39:86:2e:f8:40:6b (The ID of the expired certificate):

7. Remove everything from ### Digital Signature Trust Co. until -----END CERTIFICATE-----

It can be that the first 3 lines containing the description of the certificate are missing. In that case, remove everything from Certificate: until -----END CERTIFICATE-----

8. Chose Duplicate when prompted on removing the expired certificate:

9. Close the file, and save as cert.pem in Documents:

10. Use .pem as extension

11. Move the duplicate cert.pem that you saved in Documents to /etc/ssl and Authenticate with your password when prompted.

12. Choose Replace when prompted:

13. Now, you can continue activating your Hedge, Foolcat, or Canister app 🎉

Last updated