Saya memutakhirkan dari Mac OS X 10.11.3 menjadi 10.11.4 minggu ini. Setelah itu, saya menemukan bahwa, jika saya membuka beberapa perangkat lunak misalnya halaman unduh simulator Xcode, atau klien HMA (Klien VPN), ia melaporkan beberapa info: sertifikat yang tidak valid terdapat di bawah:
"Could not download and install OS X 10.11.4 Documentation. The certificate for this server is invalid. You might be connecting to a server that is pretending to be “devimages.apple.com.edgekey.net” which could put your confidential information at risk."
Atau:
"System.Net.WebException: Error: SendFailure (Error writing headers) ---> System.Net.WebException: Error writing headers ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server. Error code: 0x5
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.RemoteValidation (Mono.Security.Protocol.Tls.ClientContext context, AlertDescription description) [0x00000] in <filename unknown>:0 "
Dan di log sistem, saya juga melihat:
17467 error=Error Domain=kCFErrorDomainCFNetwork Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “setup.icloud.com” which could put your confidential information at risk." UserInfo={NSErrorFailingURLStringKey=https://setup.icloud.com/configurations/init, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFNetworkCFStreamSSLErrorOriginalValue=-9807, kCFStreamPropertySSLPeerCertificates=(
17468 "<SecCertificate 0x7fdaba571060 [0x7fff7abb5440]>",
17469 "<SecCertificate 0x7fdaba551430 [0x7fff7abb5440]>"
17470 ), _kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrust 0x7fdaba412b20 [0x7fff7abb5440]>, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “setup. icloud.com” which could put your confidential information at risk., _kCFStreamErrorDomainKey=3, NSErrorFailingURLKey=https://setup.icloud. com/configurations/init, _kCFStreamErrorCodeKey=-9807}, httpStatusCode=-1, responseHeaders=
17471 (null)
Namun, jika saya membuat akun admin baru di mesin yang sama, masalah hilang. Saya tidak yakin apa yang rusak dan saya bisa memperbaikinya.
Tolong bantu saya memperbaikinya! Terima kasih!
certificate
Wingzero
sumber
sumber
Jawaban:
Jadi setelah mengajukan bug pada Radar, Apple menyuruh saya untuk memeriksa gantungan kunci - preferensi - tab sertifikat.
Mengubah pengaturan CRL dari
require if certificate indicates
keBest attempt
atauoff
, masalahnya hilang.Jadi sepertinya, beberapa sertifikat CA di bawah 'System Root' kedaluwarsa.
Jadi kami punya dua opsi:
sumber