Back up all data.
Launch the Keychain Access application in any of the following ways:
☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
☞ Open LaunchPad and start typing the name.
From the Category list in the lower left corner of the window, select My Certificates. In the list of certificates on the right, there may be one or more have a name that begins with "DigiCert" or "VeriSign". Export each such certificate by dragging it to the Desktop, then delete it from the keychain. If there are any certificates marked with a red "X" as expired or invalid, regardless of name, delete them without exporting.
Next, select Certificates from the Category list. Look carefully at the list of certificates in the right side of the window. If any of them has a blue-and-white plus sign in the icon, double-click it. An inspection window will open. Click the disclosure triangle labeled Trust to disclose the trust settings for the certificate. From the menu labeled
Secure Sockets Layer (SSL)
select
no value specified
Close the inspection window. You'll be prompted for your administrator password to update the settings.
Now open the same inspection window again, and select
When using this certificate: Use System Defaults
Save the change in the same way as before.
Revert all the certificates with non-default trust settings. Never again change any of those settings.
Again, delete all expired or invalid certificates.
Log out or restart the computer. Test. If all is now well, back up again, then delete the certificates you exported to the Desktop.
