Mac OS X Lion 10.7.2 update breaks SSL
Posted
by
mcandre
on Super User
See other posts from Super User
or by mcandre
Published on 2011-10-23T22:19:23Z
Indexed on
2011/11/18
1:53 UTC
Read the original article
Hit count: 394
Summary
After updating from 10.7.1 to 10.7.2, neither Safari nor Google Chrome can load GMail. Spinning Beachballs all around.
The problem isn't GMail; Firefox loads GMail just fine.
The problem isn't limited to Safari or Google Chrome; Other applications also have trouble with SSL: Gilgamesh and Safari. Any program that uses WebKit (Google Chrome, Safari) or a Cocoa library (Gilgamesh) to access the Internet has trouble loading secure sites.
The various forums online suggest a handful of fixes, none of which work.
Analysis
Fix #1: Open Keychain Access.app and delete the Unknown certificate.
The 10.7.2 update also prevents Keychain Access from loading. The Keychain program itself Spinning Beachballs.
Fix #2: Delete ~/Library/Keychains/login.keychain and /Library/Keychains/System.keychain.
This temporarily resolves the issue, and lets you load secure sites, but a minute or two after rebooting or hibernating somehow magically undoes the fix, so you have to delete these files over and over.
Fix #3: Delete ~/Library/Application\ Support/Mob* and /Library/Application\ Support/Mob*.
There is a rumor that the new MobileMe/iCloud service ubd is causing the issue. This fix does not resolve the issue.
Fix #4: Open Keychain Access, open the Preferences, and disable OCSP and CRL.
This fix does not resolve the issue.
Fix #5: Use the 10.7.0 -> 10.7.2 combo installer, rather than the 10.7.1 -> 10.7.2 installer.
When I run the combo installer, it stays forever at the "Validating Packages..." screen. The combo installer itself is bugged to He||.
I force-quit the installer, ran "sudo killall installd" to force-quit the background installer process, and reran the combo installer.
Same problem: it stalls at "Validing Packages..."
Recap
The only fix that works is deleting the keychains, but you have to do this every time you reboot or wake from hibernate. There is some evidence that ubd continually corrupts the keychain files, but the suggested ubd fix of deleting ~/Library/Application\ Support/Mob* and /Library/Application\ Support/Mob* does not resolve this issue.
Evidently, something is corrupting the keychain over and over and over.
Also posted on the Apple Support Communities.
© Super User or respective owner