Unable to establish secure connection to idmsa.apple.com
Here is my basic problem: I can no longer establish a secure connection to idmsa.apple.com with any app that uses ATS (App Transport Security) like Safari, nscurl, etc.
When trying to log in to any Apple site, like these communities, using Safari, it says “can’t establish a secure connection to the server”. However, using other browsers (Firefox) I can successfully log in to Apple sites but I presume Firefox is not using ATS like Safari.
I am running macOS 10.13.6 with all the latest updates. I thought maybe it was an issue with my account, but the problem persists in a freshly created account.
Trying to run nscurl using ATS diagnostics results in all failures (partial output below). At this point, idmsa.apple.com it is the only URL that fails for me.
================================================================================
Default ATS Secure Connection
---
ATS Default Connection
ATS Dictionary:
{
}
2020-03-23 20:00:33.554 nscurl[8037:2234736] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802)
Result : FAIL
Error : Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x7f88536319c0>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, NSErrorPeerCertificateChainKey=(
"<cert(0x7f8853827000) s: idmsa.apple.com i: Apple IST CA 2 - G1>",
"<cert(0x7f885381bc00) s: Apple IST CA 2 - G1 i: Baltimore CyberTrust Root>"
), NSUnderlyingError=0x7f8853411fe0 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x7f88536319c0>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerCertificates=(
"<cert(0x7f8853827000) s: idmsa.apple.com i: Apple IST CA 2 - G1>",
"<cert(0x7f885381bc00) s: Apple IST CA 2 - G1 i: Baltimore CyberTrust Root>"
)}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://idmsa.apple.com/, NSErrorFailingURLStringKey=https://idmsa.apple.com/, NSErrorClientCertificateStateKey=0}
---
================================================================================
Any ideas what could be causing this?