Option A: Advanced Terminal Fix in High Sierra Recovery (Forces HTTP Instead of Broken HTTPS)

This is the most reliable in-place fix (works on almost all affected Macs in 2025) and does not require another Mac or a USB drive.

Steps:

1. Boot your Mac into Internet Recovery

   • Restart (or power on) and immediately hold Option + Command + R until you see the spinning globe and “Starting Internet Recovery”.

2. Wait until you reach the macOS Utilities window (Disk Utility, Reinstall macOS, etc.).

3. From the top menu bar, choose Utilities → Terminal.

4. In the Terminal window, type or paste this exact command and press Enter:

   nvram IASUCatalogURL=http://swscan.apple.com/content/catalogs/others/index-10.13-10.12-10.11-10.10-10.9-mountainlion-lion-snowleopard-leopard.merged-1.sucatalog

5. After the command finishes (it returns instantly), type exit and press Enter (or just quit Terminal).

6. Back in the macOS Utilities window, select Reinstall macOS High Sierra and click Continue.
   The installer will now contact Apple’s servers using plain HTTP instead of the broken HTTPS catalog and should proceed normally.

Optional: Remove the override later (after successful installation)

Once you’re back in macOS and everything is working, you can clear the setting by opening Terminal normally and running:

sudo nvram -d IASUCatalogURL

That’s it — this single nvram change bypasses the expired certificate that’s been breaking High Sierra recovery since ~2023.