I'm having a problem again with connecting to popular sites on my new iMac running Sierra 10.12.2. I'm writing this on my old iMac running 10.6.8, which does not have these problems.
On attempting to connect to Google, I get: This site can't provide a secure connection www.google.com.au doesn't adhere to security ERR_SSL_SERVER_CERT_BAD_FORMAT I get similar results with other https sites like Youtube, iTunes, Chrome etc. Last time I had this problem (as below), I went through my Keychain (which showed no expired certificates) and through DigiCert High to check the certificates. After checking, the services worked OK again. This time I got through to SSL Server Test (https://www.ssllabs.com/ssltest/) and checked the certificates for Google, Chrome, Apple, etc, which all came up "A" or "A-". But the new iMac still cannot connect to these sites. Other non-https sites can be accessed with Chrome, Safari, and Firefox, also some https sites like Unibank (Australian). I've also searched (on this old iMac) for people having similar problems. At https://community.rapid7.com/thread/9213, titled "Open Nexpose by use Chrome". it said: "We've seen this issue with Mac OS X Sierra in particular. It seems they have made an update to the system keychain that affects Chrome, Safari, curl, and any other applications that use the system for SSL/TLS connections. Firefox is not affected since it uses its own implementation. We are currently working on a fix in Nexpose to get around this issue, though." So it seems the problem may be in Keychain, rather than with the certificates themselves. And Firefox did not work for me. Can anyone throw any light on this, please? David Noel 2017 Jan 1 On 19 December 2016 at 16:10, Ronda Brown <[email protected]> wrote: > Hi David, > Good to hear the problem is solved. > > Merry Christmas 🎄 > > Kindest Regards, > Ronni > > Sent from Ronni's iPhone 7 Plus > > On 19 Dec 2016, at 4:01 pm, David Noel <[email protected]> wrote: > > -- Thanks so much, Ronni, I'm not exactly sure what happened, but I > followed your instructions till I got somehow to SSL Certificate Checker at > https://www.digicert.com/help/ > and when I typed in "google.com" it came back with a clear certificate, > and then Google worked OK. Same for Apple and Youtube. > > -- I'm forever in awe with how you solve these problems! Sorry I > mistakenly said my OS was El Capitan, I am on Sierra 10.12.1. I did click > "Software Update" on "About this Mac" and it reported "No updates > available", so maybe you have a later version from another source. > > All the very best, David. > > > On 19 December 2016 at 15:03, Ronni Brown <[email protected]> wrote: > >> Hi David, >> You mentioned below you are running 10.12.1 El Capitan… 10.12.1 is macOS >> Sierra 10.12.1 & now has update 10.12.2 >> >> Make sure all your Browsers are current latest versions. >> >> Also check Keychain Access for any ‘Expired Certificates’! Especially >> look for the one I mention below. >> >> • On your Mac computer, at the top right, click Spotlight search < >> oXRAmyqwVjPaSBxVVxwuQVApSxU-lIoeyEHAoziwKOzM0W9eWveB4lr3fS >> d1l-Azvz8=w18-h18.png>. >> • Enter "Keychain Access." >> • In the results, click Keychain Access. >> • At the top of your computer screen, click View [image: and then] Show >> Expired Certificates. >> • At the top right, click Search <oXRAmyqwVjPaSBxVVxwuQVApSxU- >> lIoeyEHAoziwKOzM0W9eWveB4lr3fSd1l-Azvz8=w18-h18.png>. >> • Type "DigiCert High" and press Enter on your keyboard. >> • Find "DigiCert High Assurance EV Root CA" that is marked as Expired [image: >> Expired]. Click the certificate. >> • Delete by pressing Delete on your keyboard >> >> Cheers, >> Ronni >> >> *13-inch MacBook Air (April 2014)* >> 1.7GHz Dual-Core Intel Core i7, Turbo Boost to 3.3GHz >> 8GB 1600MHz LPDDR3 SDRAM >> 512GB PCIe-based Flash Storage >> >> macOS Sierra 10.12.2 >> >> >> On 19 Dec. 2016, at 2:25 pm, David Noel <[email protected]> wrote: >> >> Hi Ronni, no, I have no security-type software. Anything else, such as >> a work-around? >> >> Cheers, David. >> >> On 19 December 2016 at 14:10, Ronda Brown <[email protected]> wrote: >> >> Are you using Kaspersky security software or Avast or some such software? >> >> >> Sent from Ronni's iPad4 >> >> >> On 19 Dec. 2016, at 1:58 pm, David Noel <[email protected]> wrote: >> >> I have a new iMac which I use for most purposes, running 10.12.1 El >> Capitan. Since I upgraded from 10.11, I've had occasional problems >> where my browsers can't access Google and Apple's own sites. >> >> Error message from Chrome on accessing gmail: >> >> "this site can't provide a secure connection, mail.google.com doesn't >> adhere to security standards". >> >> Error message from Firefox on accessing Apple: >> >> The owner of support.apple.com has configured their website improperly >> to protect your information from being stolen, Firefox has not >> connected to this website". >> >> Safari did not produce an error message, but seemed unable to load >> certain sites. >> >> In the past, I've been able to clear this problem by Restarting, but >> this hasn't worked today. Has anyone any ideas on this matter? >> >> It's inconceivable that Google and Apple have the faults indicated. As >> I'm unable to access gmail, I'm sending this from my older machine >> still on 10.6.8 -- this does not have the above problem. >> >> Thanks and Merry Christmas -- >> >> David Noel >> >> > -- The WA Macintosh User Group Mailing List -- > Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> > Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> > Settings & Unsubscribe - <http://lists.wamug.org.au/ > listinfo/wamug.org.au-wamug> >
-- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
