[Cyberduck-trac] [Cyberduck] #8741: VeriSign Intermediate CA causing issues on Mac OSX

Cyberduck trac at trac.cyberduck.io
Sun Apr 12 16:19:10 UTC 2015

#8741: VeriSign Intermediate CA causing issues on Mac OSX
    Reporter:  chesteap  |      Owner:  dkocher
        Type:  defect    |     Status:  new
    Priority:  normal    |  Milestone:
   Component:  s3        |    Version:  4.6.5
    Severity:  normal    |   Keywords:
Architecture:            |   Platform:  Mac OS X 10.9
 When I connect to S3 there is a certificate in the login keychain called
 's3.amazonaws.com' and this is signed by the VeriSign G3 CA, which in turn
 is signed by the VeriSign G5 CA.

 The problem is that there are two intermediate certificate authority
 certificates in the login keychain and this is stopping me from accessing
 web site signed by VeriSign (e.g. https://getsupport.apple.com) as it says
 the site's certificate is signed by an untrusted issuer.

 If I remove these CA from the login keychain then I can access the sites
 signed by VeriSign, but the next time I run CyberDuck and access S3, the
 two CAs are back in my login keychain.

 Do you know how to get the s3 certificate signed by the CAs in the Systems
 Roots keychain so I do not need the copies in the login keychan?

 I have been on to Apple support, but they don't seem to be able to resolve
 the issue for me.

 I am running OSX 10.9.5 with the latest security patches.

Ticket URL: <https://trac.cyberduck.io/ticket/8741>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows

More information about the Cyberduck-trac mailing list