Many websites (e.g. the guardian.com) are down
GlobalSign recommends deleting both OCSP and CRL caches, is this wise ? how ?
Thank you
MacBook Pro (Retina, 13-inch, Late 2012), iOS 10.0.2
Ok, no problem. It would appear Globalsign's advice is out of date when it comes to macOS Sierra. Instead you should paste the following command line (it's all one line) into a Terminal window:
sqlite3 ~/Library/Keychains/*/ocspcache.sqlite3 'DELETE FROM responses WHERE responderURI LIKE "%http://%.globalsign.com/%";'
This just removes the expired Globalsign certificates from the cache.
Ok, no problem. It would appear Globalsign's advice is out of date when it comes to macOS Sierra. Instead you should paste the following command line (it's all one line) into a Terminal window:
sqlite3 ~/Library/Keychains/*/ocspcache.sqlite3 'DELETE FROM responses WHERE responderURI LIKE "%http://%.globalsign.com/%";'
This just removes the expired Globalsign certificates from the cache.
It won't cause any damage and may solve the issue.
As to how, see: https://support.globalsign.com/customer/portal/articles/1353318-view-and-or-dele te-crl-ocsp-cache
Dear Trevoz
Thank you. Yes, I also saw this advice from "GlobalSign"
I am so clueless about the inner workings of computers that I have no idea where to enter the commands recommended
I get as far as "Utilities" > "Terminal" > and then ?
when I tried copy pasting the instruction to "delete both OCSP and CRL cache":
certutil -urlcache * delete
I get the message "command not found"
Tedious
Sorry to bother you with it
M
Wow, thank you
That was so impressive
Having spent all evening, wondering why I was not able to understand "GlobalSign" instructions
You fixed it in a matter of seconds
Thank you
With best wishes
M
No worries, glad to have been of help 🙂
funny
I am so clueless about these discussions. I had meant to press the "this solved my problem" tab
In fact I pressed "helpful" - which probably means you get less points. Sorry.
tried to change it retrospectively but saw/still see no way round that mistake
M
You did in fact select Solved on the correct post 🙂 Then gave me additional points with Helpful on another post 🙂
So fear not. My points cup is overflowing 🙂
It's not about points anyway. I get more out of answering the questions as I get to learn more about my secondary operating system - I run FreeBSD on most of my Mac Minis.
Thank you ! - inspiring - I've never dared venture into other operating systems
I forwarded your advice to others acknowledging your help.
M
I tried this, and got: SQL error: file is encrypted or is not a database
This is on Sierra 10.12.2 Beta (16C32e)
I'm having an error here on 10.12.1
Error: near "/": syntax error
Not sure which "/" is being referred to though.
I have the same error on 10.12.1
what is the manual way to clean?
I've solved this.
What I suggest you do is open this path
~/Library/Keychains
There you may see multiple folders with GUID like names.
Replace the * in the command above with the name of the folder.
So for example I used
sqlite3 ~/Library/Keychains/698D32DB-5B41-5382-96B6-73BE3AC5E913/ocspcache.sqlite3 'DELETE FROM responses WHERE responderURI LIKE "%http://%.globalsign.com/%";'
See if this works for you
Thank you so much.
I tried but a get no anwer from terminal.
when i press enter it gives no answer it only displays the start prompt again.
Normally it gives answer like cache cleaned ..
I didnt get a response either.
Just try restarting your browsers and see if it works.
Just tried but not working, but thanks a lot
GlobalSign recommends deleting both OCSP and CRL caches, is this wise ? how ?
