Apple has an issue on its hands and it needs to address it either with a new OS X system update, or by releasing a new version of Safari, according to comments posted by Mac users over at the official Apple forums.
A relatively small thread titled “Invalid Certificate on every secured website”
indicates Apple messed something up in OS X 10.7.4, the latest incremental update to the company’s Lion operating system.
“...I’ve just updated to 10.7.4 with Safari 5.1.7 and after the update I'm always getting an Invalid Certificate for secured website [such as] www.paypal.com, every banking sites [sic] etc. The content is not entirely loaded even if I click ‘continue,’” writes a customer identified as sébastienfromquebec
“I don't know if it related but I can't install any Extensions in Safari. I had ClickToFlash and 1Password and neither can be reinstalled after the update. I got a message telling me that the extension cannot be installed,” writes Sébastien, the author of the thread.
Many others reported a similar experience after updating to the latest version of Lion.
Although 10.7.4 is likely the last major update for OS X Lion, Apple may still have to carry out some maintenance before OS X 10.8 Mountain Lion debuts this summer.
Customers can expect either a potential OS X 10.7.5 in the coming weeks, a standalone patch addressing this very problem, or even a new version of the Safari web browser.
Over at Cnet
, Topher Kessler has a few workarounds
for the problem.
This is what may restore your SSL functionality, if you’re in the same boat with Sébastien: check time and date; clear firewall settings; rebuild network configurations; turn off OCSP and CRL services; clear certificate management database caches; and, finally, ensure root certificates use default trust settings.
So far, there is no indication that Apple has learned of this issue.