sébastienfromquebec

Q: Invalid Certificate on every secured website

Hi,

 

I've just updated to 10.7.4 with Safari 5.1.7 and after the update I'm always getting an Invalid Certificate for secured website.

 

www.paypal.com

every banking sites

etc

 

The content is not entirely loaded even if I click "continue".

 

I don't know if it related but I can't install any Extensions in Safari. I had ClickToFlash and 1Password and neither can be reinstalled after the update. I got a message telling me that the extension cannot be installed.

 

Thank you

MacBook Air, Mac OS X (10.7.4)

Posted on May 10, 2012 12:56 PM

Close

Q: Invalid Certificate on every secured website

  • All replies
  • Helpful answers

Previous Page 2 of 10 last Next
  • by jbixler,

    jbixler jbixler May 14, 2012 11:27 AM in response to sébastienfromquebec
    Level 1 (11 points)
    iPad
    May 14, 2012 11:27 AM in response to sébastienfromquebec

    I'm having the same problem, and I'm behind a corporate proxy that requires authentication. I tried the suggestions in Linc Davis' post, but it hasn't helped.

     

    If anyone uncovers a fix, please post here—thanks!

  • by fnankivell,

    fnankivell fnankivell May 14, 2012 12:05 PM in response to sébastienfromquebec
    Level 1 (0 points)
    May 14, 2012 12:05 PM in response to sébastienfromquebec

    Exact same problem here too. Behind corporate ISA proxy, have to manually approve all certificates to get anywhere. Safari 5.1.7. Every page that has a Facebook like button or Twitter follow button is affected too, meaning almost every **** page I surf too. Ugh, fix this soon Apple!

  • by kremik,

    kremik kremik May 14, 2012 12:24 PM in response to Robke
    Level 1 (0 points)
    May 14, 2012 12:24 PM in response to Robke

    I'm having exactly the same problems. I can see these errors after I updated to 10.7.4 and Safari 5.1.7. I'm behind NTLM Proxy. All pages work if I'm not behind proxy, but if I connect via proxy I'm getting these errors. It happened that some pages reported this kind of problem (e. g. https://www.paypal.com), but now they seems to be OK. All parameters of the "invalid issuer" certificates looks fine. I don't understand what's the problem.

  • by Robke,

    Robke Robke May 14, 2012 12:26 PM in response to kremik
    Level 1 (0 points)
    May 14, 2012 12:26 PM in response to kremik

    FWIW: I'm behind a Cisco proxy "Application and Content Networking System Software 5.5.5".

  • by slk00,

    slk00 slk00 May 15, 2012 12:51 AM in response to sébastienfromquebec
    Level 1 (0 points)
    May 15, 2012 12:51 AM in response to sébastienfromquebec

    Same with us. We are behind Cisco Service Control Engine (SCE) and found issues with installing some packages and registering machines to push notification service.

     

    With Office 2011 SP2 package installation;

     

    Certificate used to sign package is not trusted. Use -allowUntrusted to override.

     

     

    Also with APN registration with Apple's own server (albert.apple.com) gives errors.

     

    "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “albert.apple.com” which could put your confidential information at risk."
  • by SamuelC,

    SamuelC SamuelC May 15, 2012 2:39 AM in response to sébastienfromquebec
    Level 1 (0 points)
    May 15, 2012 2:39 AM in response to sébastienfromquebec

    Same issue here. Apple, please raise this ticket to a higher priority and help to solve this issue!

     

    Thanks.

  • by tcthomas,

    tcthomas tcthomas May 15, 2012 6:09 AM in response to sébastienfromquebec
    Level 1 (0 points)
    May 15, 2012 6:09 AM in response to sébastienfromquebec

    Exactly the same issue here, from university network.  Anyone any ideas?  Works perfectly on home Wi-Fi

  • by marc from white river junction,

    marc from white river junction marc from white river junction May 15, 2012 6:23 AM in response to marc from white river junction
    Level 1 (0 points)
    May 15, 2012 6:23 AM in response to marc from white river junction

    OK, here's some followup. I have 2 Macbook Pro's, my wife's is a mid-2008 and it works perfectly after the upgrade.  Mine is an early 2011 model and is experiencing the same issues as everyone else, as described in my earlier post.  After trying all suggestions (without result) and even re-installing the OS and upgrading with the Combo Updater, I still had the certificate error.  Since this prevents me from working, I ended up doing a full restore from Time Machine to 10.7.3 and all is well.

     

    I am not behind a corporate firewall, and my wife's machine works fine when on the same network.  I did have some ports forwarded to my MBP, which shouldn't have made any difference, but I disabled them this morning, reupgraded to 10.7.4 and had the same issue again.  I have just finished restoring 10.7.3. yet again from Time Machine.

     

    I hope this helps move the enquiry forward; I don't believe that the issue lies with proxies or corporate firewalls.  Since my working machine is a Core 2 Duo Penryn and the problem machine is an i7 Sandy Bridge, I'm wondering if the problem may lie in the different architectures?

  • by tcthomas,

    tcthomas tcthomas May 15, 2012 6:26 AM in response to marc from white river junction
    Level 1 (0 points)
    May 15, 2012 6:26 AM in response to marc from white river junction

    As with you Marc, I've tried a full re-install of the OS at the Apple Store.  But, it works perfectly on normal wi-fi when not behind the network here, leading my to think it must be some sort of problem (at least for some of us) with that.  Also can't install extensions when behind the network at the moment.

  • by fnankivell,

    fnankivell fnankivell May 15, 2012 6:44 AM in response to sébastienfromquebec
    Level 1 (0 points)
    May 15, 2012 6:44 AM in response to sébastienfromquebec

    I just discovered that I can no longer log into my account with the App Store app too. Is it related to the certificate bug also? 10.7.4 really crippled my internet access...

  • by ds store,

    ds store ds store May 15, 2012 6:52 AM in response to sébastienfromquebec
    Level 7 (30,395 points)
    May 15, 2012 6:52 AM in response to sébastienfromquebec

    Does anyone setting one's Keychain Access > Preferences (reboot?) to this solve the problem?

     

    Screen shot 2012-05-15 at 7.00.36 AM.jpg

  • by Mac Admin1,

    Mac Admin1 Mac Admin1 May 15, 2012 7:00 AM in response to ds store
    Level 1 (0 points)
    May 15, 2012 7:00 AM in response to ds store

    i tried, makes no change in case of Mail.app - still complains because of certificate each time after launch

  • by tcthomas,

    tcthomas tcthomas May 15, 2012 7:02 AM in response to ds store
    Level 1 (0 points)
    May 15, 2012 7:02 AM in response to ds store

    Yep, didn't work for me either.  I'm going into the Apple Store in an hour and a half with this thread to see if they have any ideas, so will keep all updated.

  • by fnankivell,

    fnankivell fnankivell May 15, 2012 7:50 AM in response to sébastienfromquebec
    Level 1 (0 points)
    May 15, 2012 7:50 AM in response to sébastienfromquebec

    Of course, now I can't buy any music on the iTunes Store, says it can't connect to the store. I can browse the store, listen to samples, but can't buy.

     

    There is definitely something wrong with 10.7.4/Safari 5.1.7 when behind a corporate proxy like mine (ISA/NLTM authentification)...

  • by sébastienfromquebec,

    sébastienfromquebec sébastienfromquebec May 15, 2012 7:58 AM in response to fnankivell
    Level 1 (1 points)
    May 15, 2012 7:58 AM in response to fnankivell

    I've made a request at the IT staff in there to accept CRL and OCSP request anonymously through ISA server.

     

    I can now validate Certificates but there is something wrong with /usr/sbin/ocspd . It can't understand proxy authentication at all.

Previous Page 2 of 10 last Next