Opened 8 years ago
Last modified 8 years ago
#15208 new defect
SSL certificate error on update check
| Reported by: | Christoph Franke | Owned by: | |
|---|---|---|---|
| Component: | other | Version: | VirtualBox 5.0.16 |
| Keywords: | SSL certificate, update | Cc: | |
| Guest type: | other | Host type: | Mac OS X |
Description
The update check process on VirtualBox on my MAC fails due to an error with the SSL certificate (Wrong SSL certificate). I already found ticket #13380 which sounds like my problem but none of the stated solutions works for me.
I ended up using Wireshark to debug the problem. The error message I got was "Unknown CA" when VirtualBox tried to check for an update. The server connected was 137.254.60.34, but I don't know which CA is used so I can't check my key chain for the respective root CA and its certificates.
Attachments (1)
Change History (6)
by , 8 years ago
| Attachment: | VirtualBoxError.jpg added |
|---|
comment:1 by , 8 years ago
Go to https://update.virtualbox.org/query.php and display the certificate in your browser. The certitifacte is the same as used by this server (https://www.virtualbox.org).
comment:2 by , 8 years ago
Well, I imported the complete chain into the Mac OS X keychain:
- VeriSign Class 3 Public Primary Certification Authority - G5
- Oracle SSL CA - G2
- www.virtualbox.org
Sorry to say it did not help. Or did I so something wrong?
comment:3 by , 8 years ago
Strange. No problem checking the connection on Mac's console using curl. What else should I look for? $ curl -v https://www.virtualbox.org
- Rebuilt URL to: https://www.virtualbox.org/
- Trying 137.254.60.32...
- Connected to www.virtualbox.org (137.254.60.32) port 443 (#0)
- TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- Server certificate: www.virtualbox.org
- Server certificate: Oracle SSL CA - G2
- Server certificate: VeriSign Class 3 Public Primary Certification Authority - G5
GET / HTTP/1.1 Host: www.virtualbox.org User-Agent: curl/7.43.0 Accept: */*
< HTTP/1.1 200 OK < Date: Tue, 08 Mar 2016 15:30:07 GMT < Server: Oracle-Application-Server-11g < Cache-Control: must-revalidate < Content-Length: 9959 < Set-Cookie: trac_form_token=19d7ae4ae53d1183307e554a; Path=/; secure; < Set-Cookie: trac_session=5c19ecdf7758de712ddea26e; expires=Mon, 06-Jun-2016 15:30:07 GMT; Path=/; secure; < Content-Type: text/html;charset=utf-8 < <!DOCTYPE html PUBLIC "-W3CDTD XHTML 1.0 StrictEN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml">
comment:4 by , 8 years ago
Ok, what I ended up with was to completely uninstall VirtualBox including all configuration files using an application uninstaller and reinstalling it from scratch. Whatever caused the problem, it's gone now ...
comment:5 by , 8 years ago
Mac users:
I would like to add to this issue, as I have been suffering this for months. Here's what didn't work:
- Deleting the certificate file.
- Downloading certificates as mentioned in ticket 13380.
Here's what finally worked.
- Go to Applications -> Utilities -> Keychain Access
- In keychains, look in login (though it's possible you may have to find yours in a different section)
- Sort by expiration date. Not only did I see a cert with an X next to it, it had the same expiration date as that damn VBox cert that kept failing. And, there were many other certificates with the same name, but they were all revoked (and not a problem). I deleted that expired cert only.
Problem solved and I created this account just to share what finally worked (for me). Good luck!
Error message (german localisation)