iTunes may fail to subscribe to or download episodes from Pinecast podcasts (and podcasts hosted on other platforms) on some older computers. This can be caused by a number of things:

  • The computer is running a version of OS X that is no longer supported by Apple.
  • The computer is running a version of OS X that no longer supports iTunes. As of 2017, OS X 10.9.5 and older no longer officially support iTunes.
  • The computer has not received a root certificate update in a long time.


This is a symptom, not the root problem. There are a number of reasons why it may happen. Here are some resources that offer a few potential fixes:

Why this can happen

HTTPS URLs work by presenting a cryptographic certificate to your computer. That certificate contains information on establishing a secure connection. The security of that connection relies on the fact that your computer can know who the server presenting the certificate is--e.g., you wouldn't want to establish a secure connection to a hacker pretending to be Amazon.

To verify the owner of the certificate, your computer looks at the "chain of trust" of the certificate. The last link in the chain is the owner of the URL (in this case, Pinecast). The next link in the chain is the company that sold the certificate to Pinecast, and the link after that is the company that verified and authorized that company. At the end of the chain is the "root certificate authority". There are only a few of these "root CAs" out there. Each root has established trust with Apple, Google, Microsoft, and others that they will not sell certificates without proving they know who owns the website the certificate is for.

Periodically, companies like Apple will distribute a new list of root CAs as a system update. The list slowly expires over time (in case a root CA is hacked or becomes evil), preventing hackers from permanently being able to crack HTTPS encryption. These updated lists include new root CA information, which lets your computer establish secure connections using certificates whose chains end with an updated root CA certificate.

If your computer hasn't received a root CA update, it will not trust new certificates with root CAs that it doesn't yet recognize. Being sure to install the latest system update will allow your computer to establish secure connections with Pinecast and other platforms that use relatively new certificates.

Did this answer your question?