Incorrect SSL certificates

One of my domains bucksccc.org.uk, moved to a new host last Thursday. A new secure SSL certificate was issued and the site is now working correctly on machines all over the globe, inc phones, tablets, PCs etc. The one place it is not is my Mac. On any browser, I am given an error message saying site is insecure and certificate is not trusted. When I view the certificate it is showing the old one. I also have Windows 10 on my Mac and the site is fine on that. It is an old mac running (OS High Sierra). I have cleared cache on all browsers, refreshed Firefox, uninstalled Avast Security, rebooted - you name it I have tried it (obviously except the fix!)


Thanks for ideas - Frank

iMac 21.5", macOS 10.13

Posted on Apr 13, 2020 3:19 AM

Reply
41 replies

Apr 15, 2020 7:01 AM in response to fwsr

Flush the saved web data in Safari.


Please also post an EtreCheck report here. Download and enable full drive access and run EtreCheck. Then open a new reply here and then press the button that looks like a printed page to get a text input box big enough to paste the hardware and software configuration report here.


I deal a fair amount with SSL.


I do not trust most of the the security add-ons. Avast has had some shady-looking surprises. And the add-on security tools and add-on cleaners and add-on VPN clients can and variously do intercept comms, and which can clobber SSL traffic. Well-written SSL apps should detect and block the interception, but not all do.


The EtreCheck report will show what’s loaded here.


Apr 16, 2020 10:37 AM in response to BDAqua

Thanks for all your help. In the end I did a reinstall. On first attempt I also reinstalled all apps etc and the same thing happened (not surprisingly). Second time I set it up as a new machine and installed the apps I really need and use manually and all well. Bucksccc.org.uk is now loading correctly.


Thanks for taking the time even if a solution was not found. I found it all very instructive and know alot more than I did before.


Frank

Apr 13, 2020 9:41 AM in response to fwsr

Hi Frank, glad to see you rid yourself of Avast.


Go on the Apple certificate page:

https://www.apple.com/certificateauthority/


Download the Apple Intermediate Certificates

Apple IST CA 2 - G1 Certificate (direct download)


Double click the downloaded certificate to install it in Keychain Access.

You should see it now, in login certificates.


Try this browser...


https://brave.com/

Apr 15, 2020 9:29 AM in response to fwsr

On no evidence, I'd guess that some of the anti-malware has cached the certificate, or maybe something odd with the Dashlane password manager.


This Mac has various apps that would lead me to wipe and re-install, as I've found that to usually be the most expeditious approach for recovery. You probably won't want to do that—I used to not want to preemptively reinstall, too—so here you'll want to remove Avast, ESET, and Trusteer/Rapport. Or as I usually do now, back up, back up again, wipe, reinstall macOS, and restore current versions of the apps needed, and generally avoid add-on security apps, add-on VPN clients, add-on anti-malware, add-on cleaner apps, and related.


It's unclear if that WD Discovery Service is part of some WD app-update stuff, or if it's junk. But it's broken, whatever it is.


Flash and Silverlight would be gone here, but those are unlikely involved.


I'll assume you know about the Chrome remote desktop.

Apr 15, 2020 10:11 AM in response to fwsr

Add-on anti-malware apps have had a very long history of being wrong, of introducing instabilities, of crashes, of hangs, and all sorts of weird issues. For seemingly negligible benefits for you, over the Apple anti-malware. Avast was re-selling users' complete browsing and purchasing histories, so they probably made some money here. The add-on cleaner apps can cause similar issues with macOS environments, and have variously caused corruptions. Even when working properly, these add-on security tools are indistinguishable from malware that just doesn't like to share, given how these tools tie into macOS.

Apr 14, 2020 8:25 AM in response to fwsr

I am telling your problems are that your computer is infected with some severe malware. Your issues need to be remediated by a virus cleanup. Some of it is manual, some can be done with your built-in software. You have self defeated yourself by installing BOTH Trustear and Avast. Having two virus utilities effectively cancel each other out.


  1. Remove Trustear with their built-in uninstaller. If it doesn't have one, get AppDelete to do it for you.
  2. Run Avast full scan and Quarrantine whatever it finds.
  3. Download and run Easy Find after following step 4.
  4. Boot the machine in safe mode with the shift key.
  5. Open Easy Find and search for files by MacPaw and Zeobit and Chromium.
  6. Remove all files found in step 5.
  7. Delete Cleanmymac from your application folder and MacKeeper. Neither belongs.

Apr 15, 2020 6:32 AM in response to a brody

I have installed the update and have tried in Brave, Chrome, Safari and Firefox. The fact of the matter is that this only happens on one website bucksccc.org.uk. This is a domain I bought in about 2004. I built a website with joomla for it and it was hosted by Easyspace (Iomart). The powers that be at Bucks CCC decided that the site needed modernising and upgrading. I agreed and a company duly did the work (Shopblocks) and the new site was launched on 9/4/2020 when the DNS was changed to point at shopblocks and the SSL certificate updated. It works everywhere except on my Mac! And the certificate that all the browsers are concerned about (on my Mac) is the old iomart certificate. It is fine on my phone, my tablet, and Windows 10 (installed on the Mac as well) and on all other PCs/Macs in the house. This seems to be purely an OSX anomaly unique to my machine.


Thanks for continued interest.

Apr 14, 2020 8:34 AM in response to a brody

Thank you for this, and I will do what I can. However you will appreciate that life is quite confusing, when another on this thread tells you they are glad you have removed Avast and you are telling me to use it!. I run Trusteer, because my bank told me to, but fully appreciate that running two bits of software doing the same job is not clever. Also I was told to install and run EtreCheck, but then I was sent an article saying it was Malware! All confusing, but if the result works then great.


Thanks for help

Apr 15, 2020 2:14 AM in response to fwsr

I followed out your instructions and Avast, showed nothing. I did everything else you suggested in Safe mode. The little squirrel found a MacPaw folder from 12/4/20 but nothing else. I removed CleanMyMac etc, rebooted and problem remains.


I am sure my Mac is much better off for its spring Clean , but sadly my problem persists.

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Incorrect SSL certificates

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.