Security Update 2015-004 trashes Apple.com SSL Certificate on Mavericks

Had the same exact problem. I am not sure if the following is wise, but it seems to have fixed it. I went to http://discussions.apple.com in safari and looked at the certificates. It was not trusting the top level VeriSign Class 3 .. G5 certificate. I accepted it and everything is fine. The one in the original keychain of a similar nature seems to be a G3 certificate. Not sure if the G5 was there or not initially. But it seems to be the same certificate as I have on another computer. Exported, Dropboxed it, and imported it. Had to set trust levels. Also deleted it and everything still was fine. I don't know enough about certificates to know if any of this makes sense, but it fixed my problem and I am using a certificate that was trusted by my system on another computer.

So I just updated another machine and it also broke. I went into keychain, the Verisign G5 certificate was there (login item and Certificates highlighted in keychain on left sidebar). I clicked on the G5 certificate, clicked on trust and changed from system defaults to always trust. Everything worked fine after that. It appears that it is the same certificate as before. I suspect they just broke what the system default was for that certificate and/or intended to break it but failed to update the certificate.

THANK YOU. Been tearing my hair out trying to find a solution that actually worked!

Next question is -- what happens when there's a new update found by Software Update.app?

In my case (on Mavericks 10.9.5) -- the CSS isn't working, so I see information but not presented properly, and when I click the `apply update` button, I get prompted to log in -- which fails to connect, so fails to authenticate, so no update for me. (One downside to App Store distribution -- when App Store is broken, *nothing* gets an update.)

Thank you so much. I lost half a day over this.

Still an issue for me...

Tonight, Message Center announced there was an update waiting -- and when I went in to Software Update…, it displayed correctly!

And when I clicked update, it prompted for AppleID and password, for which ... connection failed.

So no AppStore updates nor new apps can be installed.

I'm astonished this is still going on more than a week later!

Solved! At last!

I cannot say exactly which step was the key, so here are most of the steps I took. Hopefully this helps someone.

1. Took the steps in Invalid or incorrect Certificates including reboot.
2. Took the steps in Edit your Keychain including reboot.
3. Downloaded and manually reinstalled Security Update 2015-004.

4. Repaired permissions and directories with Recovery reboot.

5. Took the steps in Invalid or incorrect Certificates including reboot.

6. Took the steps in Edit your Keychain including reboot.

I've gone through some of these steps multiple times, just hoping it would work that time...

Today -- when I went into Mail.app, it whined about the certs for me.com servers -- so I made *that* always trusted. And this time, iTunes.app didn't complain about any certs! And this time, Software Update.app didn't complain about any certs! And it successfully applied the three-week delayed updates!

So I'm hoping it's all done and done. OMG, frustrating along the way!

I believe the biggest problem here is the (incorrect) notion that the certificate is invalid.

I own several servers on a rack over at the planet, I run 4000 domain websites, (there is no way I am paying high prices for a (authority) SSL certificate when I can produce my own perfectly valid, (yes valid) SSL certificate, since I am the only one using the certificate it should not be a problem.

My question here is why is this a problem for APPLE...

(is it possible that APPLE, owns some of these "authority" Signed Services?

Seriously, IF I am using my own server and I am connecting my own computer and both SSL certificates originated from my one computer.

WHY is apple so worried about what might happen?

(What I did to solve this issue?) Simple I stopped using MAIL.APP

Should I stop using Apple as well, ? Tell me I hear Linux is quite nice and does not have this problem at all and its FREE...

(also don't preach to me about freedom, when I spend hours of my time on trying to fix a programming hang issue, Its not FREE)