OS 10.3.7 update and Safari https

Question

OS 10.3.7 update and Safari https

I have a G5 at work and a G4 and G3 at home. I ran the automatic 10.3.7 update through software update on the G5 and G4 then noticed them both having the same problem. No matter what browser I use (i.e. Safari, Internet Explorer, Firefox, Mozilla) I can't connect to secure sites, any sites with https.

On the G5 I have a WAN internet connection and at home on the G4 and G3 I just got Direcway satellite internet service. Both computers were accessing the internet just fine until I ran the OS update. Direcway was able to bypass the problem but now my (very expensive) satellite internet access is sooooo sloooowwww at home. I can't even connect through Safari at work. I am running 10.3.2 on the G3 at home and it connects to the secure sites but is slower than it was before.

I am running the most up-to-date Java and cleared the cache as the "safari is super slow" posts suggested. However I haven't re-installed the update yet. Please help! I would greatly appreciate any suggestions.

I noticed "Our House" user is also on Direcway, how is your service?

Posted on Feb 1, 2005 9:31 AM

Reply

Answer 1

Feb 1, 2005 2:49 PM in response to Kimberley Bader

Have you tried repairing your permissions in disk utility?

Reply

Answer 2

Feb 1, 2005 7:44 PM in response to Kimberley Bader

Download Panther Cache Cleaner (a shareware program). Go to Optomize, check Tune for Boradband and then Run.

I had a similar problem and found this solution online here in Apple Forums. In general, it worked for me.

Good luck.

Reply

Answer 3

Feb 3, 2005 10:06 AM in response to Ryan Rafferty

Thank you for your suggestion. It worked on my G4 at home but not on the G5.

Reply

Answer 4

Feb 3, 2005 10:09 AM in response to GloverPark

Thank you for your suggestion. I tried PCC on the G5 but didn't solve the problem. I also tried reinstalling the combined 10.3.7 update, repaired disk permissions through Disk Utility and Cocktail and Panther Cache Cleaner. I also cleared the cache through Java and PCC. I also reinstalled Java but nothing worked.

Any other suggestions?

Reply

Answer 5

Feb 3, 2005 11:09 PM in response to Kimberley Bader

I also have a G5 and the same thing happened to me when I installed the 10.3.7 update. Direcway tried a whole bunch of things with no success. I had purchased virtual pc in the spring and received it November and found that I was able to access the https sites using internet explorer in virtual pc. Dirceway continued to try and get things going but finial threw in the towel last week and said that it is a problem with the Apple Software and that I would have to go through them to locate the problem. They said that if I did not have any success with Apple that they would try one more time.

Reply

Answer 6

Cusqueno

Level 1

10 points

Feb 4, 2005 12:10 PM in response to Kimberley Bader

I recently purchased a new Mac Mini and am having similar problems with HTTPS sites. They do open, but are extremely slow with Safari. For example, if I visit http://www.citrix.com, the speed is normal. If I change the URL to HTTPS://www.citrix.com, it takes nearly a minute to load. Firefox works well whether or not SSL is involved. I tried many of the suggestions in the forums with no success. As a final test, I booted the Mini with the OS X CD and reformatted and re-installed. I purposedfully avoided installing any updates afterwards. The issue exists with that basic configuration. I should note that the CD says 10.3.6 but the About box says 10.3.7 as the version.

Reply

Answer 7

Rod Helm

Level 1

5 points

Feb 4, 2005 1:16 PM in response to Kimberley Bader

I had the same problem after installing 10.3.7 update. Tried all the fixes in discussion groups, had Comcast come out to check my system and spent close to three hours with Apple support, nothing worked. I eventually had to archive and restore and start over with a fresh install of OS X. I stopped short of 10.3.7 update and everything works fine. I was told by tech support that a limited number of people are experiencing this problem. Hope this helps.

Reply

Answer 8

Bob61

Level 1

140 points

Feb 4, 2005 3:32 PM in response to Kimberley Bader

I have seen several posts in the past that recommend that permissions be run before and after doing updates. Also, quit/close all applications. I have followed these suggestions have not encountered any problems.

Bob

Reply

Answer 9

Cusqueno

Level 1

10 points

Feb 6, 2005 3:22 PM in response to Kimberley Bader

After delving deeper into this issue, I've narrowed it down to some problem with how Safari is querying DNS when opening an HTTPS web page. If I use the "host" command to determine the IP address, and then type https://12.8.192.15 (or whatever is appropriate) the page will load at near normal speeds. Of course, I get a security warning that the identity can't be verified.

I also ran "tcpdump" and compared http/https while opening the same site. Regular http will make one basic DNS query to my primary ISP server, gets a result, and then starts loading the page. Https, makes many different queries to all three of my ISP DNS servers, some appear to work and some seem to fail and then it finally loads the page. Several make reference to AAAA records which usually means IPv6 is involved. This was disabled on my network interface based on other thread suggestions. I don't really understand why Safari would perform different DNS resolution based on the protocol.

The final piece that may have significance is I know the sites with problems have some type of load balancing. This usually means a CNAME record is returned by the first DNS query. Again, I don't know why the difference in protocol would affect this, the browser should just get the address and run with it.

Reply

Answer 10

Dave_K.

Level 3

663 points

Feb 7, 2005 12:33 PM in response to Cusqueno

Cusqueno-

I have found the same strange behavior with Safari and some- but not all- HTTPS sites. The worst by far is eTrade. Page loading is excruciatingly slow, though it is instant with Firefox. I posted some findings similar to yours at
Dave_K., "Safari is super slow HELP!!!" #9, 10:34am Jan 19, 2005 CDT

Dave

Reply

Answer 11

Dave_K.

Level 3

663 points

Feb 7, 2005 5:36 PM in response to Dave_K.

Adding to Cusqueno's observations...

I tried eTrade using the IP address technique he suggested. It's at
https://198.93.34.50
as opposed to the standard (and much slower)
https://us.etrade.com/

And while the site does load more quickly that way, it is still MUCH slower in Safari than FireFox. Not to mention the security issue.

There is definitely something wrong with Safari and its handling of certain HTTPS sites and its handling of DNS.

Dave

Reply

Answer 12

Cusqueno

Level 1

10 points

Feb 8, 2005 11:47 PM in response to Kimberley Bader

No permanent solution yet, but I have opened a ticket with the vendor that supports our load balancing (DNS) hardware. We took several tcpdumps and they are reviewing them. They are going to try and reproduce the problem on their hardware also.

In the meantime, I have been researching a method for disabling the IPv6 resolution in Safari. The best I could come up with was to edit the /etc/hosts file and add two manual entries for each site. For example, the eTrade entries would look like this:

198.93.34.21 www.etrade.com
::1 www.etrade.com

This does reduce the initial time to load https websites, but as noted above, the navigation is still annoyingly slow. I suspect the DNS resolution is only one part of a much larger problem.

Reply

Answer 13

Feb 9, 2005 6:37 AM in response to Cusqueno

Cusqueno

This is a question that only you can answer. What is so special about this sight that it has to be secured or am I misunderstanding what secured sight means? All the angst for what?

Reply

Answer 14

Dan Lenz

Level 2

210 points

Feb 9, 2005 12:18 PM in response to Kimberley Bader

Just to add on to the people having problems, I mentioned a similar post about a week ago as follows:

About the time I ran the installation of "Security Update 2005-001 (Mac OS X 10.3.7 Client)", Safari started generating an error message anytime I tried to log into a site and establish a secure connection. Sample...

--------------
Safari cant open the page https://signin.apple.com/cgi-bin/WebObjects/signin/?locationurl=http://signin.info.apple.com/index.html because it couldnt establish a secure connection to the server signin.apple.com.
--------------

Tuttle had posted a response leveraging debug certificate checks that helped others and me for a session or two, but I still have the same problem.

Tuttle post: Tuttle, "https: ???????" #11, 08:36pm Dec 13, 2004 CDT

This problem is only with Safari. I can use Netscape or Explorer and everthing works fine.

Reply

Answer 15

Cusqueno

Level 1

10 points

Feb 10, 2005 7:27 AM in response to Kimberley Bader

I bit the bullet and installed 10.3.8 last night. I can report that https sites load noticeably faster and are now usable in my opinion. However, there is still a significant speed difference compared to regular http pages. Looking at the tcpdumps again, it appears the DNS queries are still using some IPv6 but don't appear to be waiting for it to finish. The https traffic starts as soon as the first result is returned. The update notes didn't mention Safari specifically, but something has certainly changed.

Reply