[Resolved] Update check fails, wrong SSL certificate
-
AnTiarnaDorcha
- Posts: 2
- Joined: 25. Jan 2019, 16:59
[Resolved] Update check fails, wrong SSL certificate
I recently updated to 6.0.2. Before doing so, I asked VB to check for updates, and got the 'wrong SSL certificate' error. I manually updated, the problem remained. I uninstalled VB (aside from the VMs) and reinstalled. Issue remains. Is this potentially a function of my using VB at a university, where they may be running some interference on certificate processes? Or is something remiss on my machine (MacOS 10.13.6) that is beyond the VB installation to remedy? I attach an image of the error. I have had this in the past and I think I was able to fix it by using a shared cert, but it seems to have returned and the shared cert doesn't seem a proper solution.
- Attachments
-
- Screen Shot 2019-01-25 at Fri, 25 Jan 14.33.24.jpg (33.88 KiB) Viewed 2703 times
Last edited by AnTiarnaDorcha on 12. Feb 2019, 16:24, edited 1 time in total.
-
AnTiarnaDorcha
- Posts: 2
- Joined: 25. Jan 2019, 16:59
Re: Update check fails, wrong SSL certificate
OK, I have solved this issue. The answer can be found at https://www.virtualbox.org/ticket/13380, but I'm summarise it here because the answer there lies across a couple of posts.
The problem is because of a faulty certificate in Keychain Access. We have to track that down (I think maybe it is different for different people) and then delete that.
Do the following with VB closed.
Find vbox-ssl-cacertificate.crt. On macOS Mojave, this is in /Users/YOUR_USERNAME/Library/VirtualBox/.
Now, open Terminal, ideally probably in the above folder.
Type in: openssl x509 -in vbox-ssl-cacertificate.crt -text -noout
This yields output that allows you to see the actual certificate that Virtualbox has latched on to in Keychain Access. Near the top of the output, you'll see the cert name and date, which lets you find it in Keychain Access.
Open KA, click on 'Certificates' on the left under Category. The one you seek will probably be right there in the list, and probably has a red x, because there is some problem with it. Delete it.
Now delete vbox-ssl-cacertificate.crt in the VB folder, above. That removes the faulty cert and kills the connection back to it.
Done! Re-start VB, and your 'check update' should work fine. (VB will make a new crt file, but can't link it to the wrong cert.)
The problem is because of a faulty certificate in Keychain Access. We have to track that down (I think maybe it is different for different people) and then delete that.
Do the following with VB closed.
Find vbox-ssl-cacertificate.crt. On macOS Mojave, this is in /Users/YOUR_USERNAME/Library/VirtualBox/.
Now, open Terminal, ideally probably in the above folder.
Type in: openssl x509 -in vbox-ssl-cacertificate.crt -text -noout
This yields output that allows you to see the actual certificate that Virtualbox has latched on to in Keychain Access. Near the top of the output, you'll see the cert name and date, which lets you find it in Keychain Access.
Open KA, click on 'Certificates' on the left under Category. The one you seek will probably be right there in the list, and probably has a red x, because there is some problem with it. Delete it.
Now delete vbox-ssl-cacertificate.crt in the VB folder, above. That removes the faulty cert and kills the connection back to it.
Done! Re-start VB, and your 'check update' should work fine. (VB will make a new crt file, but can't link it to the wrong cert.)