safari gives cert error and fails to load UI
Bruce Kendall reported problems loading MetacatUI under Safari 7.0.2 under Mac OS X Mavericks. He writes:
"You might let the IT guys know that the knb website seems to be rejecting connections from Safari on a Mac (“The server did not accept the certificate”). I could connect fine with Chrome."
Upon inspection, we have the system functioning under Savari 6.1.1 (Matt) and 7 (Lauren), but not for everyone. We had suspected a relationship to the Safari SSL renegoiation issue that has been reported previously for DataONE and KNB (see https://redmine.dataone.org/issues/3255), but now this looks like it might be different than that.
#5 Updated by Nick Brand over 5 years ago
I'm still seeing this issue on my machine (OS X 10.11, Safari 9.0.2).
It appears to be related to the "SSLVerifyClient optional" config in Apache. If I change it from 'optional' to 'none', the error goes away.
Some time on Google shows:
"optional" does not work with all browers:
The Apache project is aware of the Safari interaction: