HT204658: About the security content of Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5

Learn about About the security content of Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5
kowboy.

Q: HT204658: broken ssl certs for apple sites.

This update seems to have broken the ssl certs for apple websites. Chrome and Safari are now saying the issuers is invalid. Anyone else having this issue.

 

I am on Maverick (10.9.5)

MacBook Pro with Retina display, OS X Mavericks (10.9.5)

Posted on Apr 9, 2015 8:01 AM

Close

Q: HT204658: broken ssl certs for apple sites.

  • All replies
  • Helpful answers

  • by psf2013,

    psf2013 psf2013 Apr 9, 2015 12:25 PM in response to kowboy.
    Level 1 (4 points)
    Mac OS X
    Apr 9, 2015 12:25 PM in response to kowboy.

    Yes. Same issue - and of course I can't check for updates anymore because I cannot connect to my account through the App Store application either.

  • by Lucas Ehler,Solvedanswer

    Lucas Ehler Lucas Ehler Apr 10, 2015 8:04 AM in response to kowboy.
    Level 1 (10 points)
    Apr 10, 2015 8:04 AM in response to kowboy.

    I had the same issue, not only on 10.9 but also on a second machine that's still on 10.8.

     

    The resolution I'd found elsewhere (looking for the link and will add it here) is to

    1. open Keychain Access
    2. locate ~2 VeriSign Certificates (blue Certificates, not yellow Certificate Authorities).
    3. Export the certs to have a backup copy.
    4. Delete the certs from Keychain Access.

     

    Similar issues / fixes so far:

    why is my app store sign in saying connection failed?

    Can't login to app store

     

    ... more to come, no doubt.

  • by psf2013,

    psf2013 psf2013 Apr 10, 2015 8:03 AM in response to Lucas Ehler
    Level 1 (4 points)
    Mac OS X
    Apr 10, 2015 8:03 AM in response to Lucas Ehler

    The resolution I'd found elsewhere (looking for the link and will add it here) is to

    1. open Keychain Access
    2. locate ~2 VeriSign Certificates (blue Certificates, not yellow Certificate Authorities).
    3. Export the certs to have a backup copy.
    4. Delete the certs from Keychain Access.

     

    This worked for me!

     

    Thank you!

  • by Ted Thibodeau Jr,

    Ted Thibodeau Jr Ted Thibodeau Jr Apr 11, 2015 11:02 AM in response to Lucas Ehler
    Level 1 (5 points)
    Apr 11, 2015 11:02 AM in response to Lucas Ehler

    Whatever the issue is, it's not just tied to VeriSign certs.  I backed up the 10+ such from my keychain, deleted, rebooted ... and no change in behavior.

  • by Ted Thibodeau Jr,

    Ted Thibodeau Jr Ted Thibodeau Jr Apr 21, 2015 8:22 PM in response to Ted Thibodeau Jr
    Level 1 (5 points)
    Apr 21, 2015 8:22 PM in response to Ted Thibodeau Jr

    Still an issue for me...

     

    Tonight, Message Center announced there was an update waiting -- and when I went in to Software Update…, it displayed correctly!

     

    And when I clicked update, it prompted for AppleID and password, for which ... connection failed.

     

    So no AppStore updates nor new apps can be installed.

     

    I'm astonished this is still going on more than a week later!

  • by Ted Thibodeau Jr,

    Ted Thibodeau Jr Ted Thibodeau Jr May 4, 2015 8:00 PM in response to Ted Thibodeau Jr
    Level 1 (5 points)
    May 4, 2015 8:00 PM in response to Ted Thibodeau Jr

    Solved!  At last!

     

    I cannot say exactly which step was the key, so here are most of the steps I took.  Hopefully this helps someone.

     

     

    1. Took the steps in Invalid or incorrect Certificates including reboot.
    2. Took the steps in Edit your Keychain including reboot.
    3. Downloaded and manually reinstalled Security Update 2015-004.

    4. Repaired permissions and directories with Recovery reboot.

    5. Took the steps in Invalid or incorrect Certificates including reboot.

    6. Took the steps in Edit your Keychain including reboot.

     

    I've gone through some of these steps multiple times, just hoping it would work that time...

     

    Today -- when I went into Mail.app, it whined about the certs for me.com servers -- so I made *that* always trusted.  And this time, iTunes.app didn't complain about any certs!  And this time, Software Update.app didn't complain about any certs!  And it successfully applied the three-week delayed updates!

     

    So I'm hoping it's all done and done.  OMG, frustrating along the way!