Anything is possible, any security can be broken.. even govt security (I have done this many times in Ukraine).
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Other A proxy to fix HTTPS issues on old versions of OS X
- Thread starter Wowfunhappy
- Start date
- Sort by reaction score
Hi all, And sorry for my very basic questions... I'm on Mavericks (Macbook pro) and once Legacy Mac proxy is installed, I'm not at all sure how to go to "Open /Library/Squid/Certificates/squid.pem in Keychain Access, and add it to your keychain.". In the sense that /Library/Certificates/.... doesn't seem to be there at all....
@H/finn You're confusing the former path with the latter: they're not the same path. To open the required one go to /Library/Squid/Certificates/squid.pem, i.e. the Certificates folder that sits inside the Squid folder, not the Volume's Library. Then open PEM file, it's associated with Keychain Access by default.
Thanks for getting back to me. I get it now. But unfortunately, after installation, I don't have a Squid folder inside the Mac's Library... Is it because, when installing, I have to untick "Dictionary Fix" 'cause otherwise I get the message: "The installer can't locate the data it needs....."...? Thanks
No idea why that happens. Uninstall all Squid-related components with a script bundled with the Installer and then try installing again from scratch.
Make sure you’re looking in the Library on the root of your HD (aka, inside “Macintosh HD” if you haven’t changed the name), and not your user Library folder.
That is fantastic! Firefox, Chrome, Chromium even Tor, they all work now. I guess the instructions were a touch too vague for a noob like me. Thank you very very much. Finally. Wasn't looking forward to upgrading Mavericks, having Bootcamp and all... One extra thing you might maybe help me with: I use zyxel Secuextender vpn to work remotely (home-->office). Works perfectly on Bootcamp/Win 7. Stopped working on Mavericks after a couple of weeks and I think it's a similar problem to the not-working browsers....Any suggestion...? (I obviously prefer to use it on Mavericks as opposed to Win 7...) Thanks!
I think whenever I next get around to updating this, I'm going to import that certificate automatically. It's extremely easy to do, but I wasn't doing it for ethical reasons—people should know when they are adding a root certificate to their computer. But I also don't want anyone to be stuck.
If it happened recently (was it the end of September, per chance?), it actually might be that you're missing the ISRG Root X1 certificate. It so happens that the most recent version of the Chromium Legacy Downloader will offer to fix this automatically, so that may be the easiest route.
If that's not it, you might see if you can use a third-party VPN client instead of the precise app your company gave you. For instance, I happen to use Viscosity 1.7.11 whenever I need a VPN, and it seems to work consistently (and I'd be somewhat better equipped to help troubleshoot). Viscosity costs money, but there's a trial if you want to see if it works, and I for one don't mind paying for well-designed software. Note, since we're in this thread, that the https proxy will be ineffective while you are connected to the VPN.
If it happened recently (was it the end of September, per chance?), it actually might be that you're missing the ISRG Root X1 certificate. It so happens that the most recent version of the Chromium Legacy Downloader will offer to fix this automatically, so that may be the easiest route.
If that's not it, you might see if you can use a third-party VPN client instead of the precise app your company gave you. For instance, I happen to use Viscosity 1.7.11 whenever I need a VPN, and it seems to work consistently (and I'd be somewhat better equipped to help troubleshoot). Viscosity costs money, but there's a trial if you want to see if it works, and I for one don't mind paying for well-designed software. Note, since we're in this thread, that the https proxy will be ineffective while you are connected to the VPN.
Last edited:
Wowfunhappy
thank you for the software helping us use our vintage apple gear.
today i installed squid on a MacBook air 2GB running Mountain lion
I installed said, set the network proxies, applied, and everything was block on Firefox legacy.
when i saw this i reset everything back, but did not check this on Safari.
my question is does this software work only with safari in Mountain Lion?
thanks again!
thank you for the software helping us use our vintage apple gear.
today i installed squid on a MacBook air 2GB running Mountain lion
I installed said, set the network proxies, applied, and everything was block on Firefox legacy.
when i saw this i reset everything back, but did not check this on Safari.
my question is does this software work only with safari in Mountain Lion?
thanks again!
First off, IMO anyone on 10.7 - 10.9 should be using Chromium Legacy at this point for web browsing. Running an outdated browser on an OS which is also outdated is a good way to get hacked. Either one is (again, in my opinion) mostly fine if you aren’t a target, but not both together.
That said, Firefox and Chrome/chromium shouldn’t need this proxy at all because they have their own HTTPS implementations. In Firefox, the proxy actually causes problems because Firefox also uses it’s own certificate store, which is why the readme instructs you to tell Firefox to bypass the system proxy. This is for all OS’s, not just Mountain Lion.
Does that help? I’m not sure I understand your question.
Is this software, proxy setting geared for Safari usage?
(since firefox legacy works perfectly in MtLion)
thanks again!
No, it’s not intended for web browsers at all, and the fact that people use it for that purpose makes me somewhat uncomfortable. (But I also recognize that people are free to do whatever they want on their own computers.)
The proxy is intended for other types of apps which connect to the internet via Apple’s default networking libraries. Dictionary, Apple Mail, iCal, various Dashboard widgets, Transmission, etc etc have connection errors that go away when I’m using this proxy.
Last edited:
...."If that's not it, you might see if you can use a third-party VPN client instead of the precise app your company gave you. For instance, I happen to use Viscosity 1.7.11".... Funny, because Zyxel Secuextender in fact uses Viscosity, I can see it in my keychain, and yet.....
Anyway, a couple more questions if I might: want to replace hard drive with SSD. Any suggestion on which model (500gb)? And the app/programme to transfer everything from existing drive to ssd? (I guess I'll loose the bootcamp partition, right?). Thanks again.
Anyway, a couple more questions if I might: want to replace hard drive with SSD. Any suggestion on which model (500gb)? And the app/programme to transfer everything from existing drive to ssd? (I guess I'll loose the bootcamp partition, right?). Thanks again.
I've been seeing this for quite a while (since the beginning of this year, I think: it was all visible in 2020). Image placeholders for articles on Mac App Store (10.7). Little Snitch reveals that among connections made by the App Store app there're mzstatic domains. Pinging those bounces back however it doesn't load all of the item images, but strangely some of them as in the picture below.
P.S. I miss iTunes Store in the best iTunes ever – iTunes 10. Is it not possible to revive it really? Must be a hack or smth.. Was so convenient to manage your purchases from the desktop.
P.S. I miss iTunes Store in the best iTunes ever – iTunes 10. Is it not possible to revive it really? Must be a hack or smth.. Was so convenient to manage your purchases from the desktop.
Last edited:
Happy New Year! I've just pushed an update to this proxy which attempts to fix some of the instances where Squid would randomly stop working and need to be restarted. Since the issue is intermittent, I had to make some guesses, but I'm relatively confident this should help.
1. The package will now install a different binary on Snow Leopard than on Lion and newer. The Snow Leopard binary comes with its own libcxx library (courtesy of MacPorts), whereas the 10.7+ binaries will use the system's libcxx library. Before, I was using the MacPorts libcxx library everywhere, which may have been causing weird things to happen—you're not supposed to mix different libcxx libraries on the same system.
2. Squid will automatically shut down when your computer looses its network connection, and start up again once the connection is restored. Side effect: there will be a noticeable delay between when you connect to the internet and when Squid finishes starting up.
In addition, the Squid certificate now gets added to Keychain Access automatically. I've known how to do this for a long time, but I had ethical issues with it. I changed my mind, because it's just a much better user experience.
If you installed the proxy previously, please use the uninstall script before installing the new version.
1. The package will now install a different binary on Snow Leopard than on Lion and newer. The Snow Leopard binary comes with its own libcxx library (courtesy of MacPorts), whereas the 10.7+ binaries will use the system's libcxx library. Before, I was using the MacPorts libcxx library everywhere, which may have been causing weird things to happen—you're not supposed to mix different libcxx libraries on the same system.
2. Squid will automatically shut down when your computer looses its network connection, and start up again once the connection is restored. Side effect: there will be a noticeable delay between when you connect to the internet and when Squid finishes starting up.
In addition, the Squid certificate now gets added to Keychain Access automatically. I've known how to do this for a long time, but I had ethical issues with it. I changed my mind, because it's just a much better user experience.
If you installed the proxy previously, please use the uninstall script before installing the new version.
Last edited:
Nice to see you popping in here again! I thought you were gone for good. How are you studies? Thank you for your efforts – much valued and Long Live Legacy Proxy!
Happy New Year too?!
Happy New Year too?!
I'm on winter break! (That said, the goal is to get this to a point where I don't have to update it again!)
Not going well, I'm second-guessing whether I want to study the thing I'm studying, I'd rather not talk about it though.
To be clear, I was expecting this delay to be less than ~90 seconds. I got an email from someone this morning saying it takes nearly five minutes on their machine. Has anyone else experienced that?
Edit: Never mind, he emailed me again to say it was actually something else.
Last edited:
I do not detect anything strange. I have uninstalled and reinstalled. And I keep taking the opportunity to navigate with Chrome 65 ;-). But the websites hosted on Coudflare keep detecting me as "hacked" and asking for capchas ;-). Obviously that doesn't happen with Chromium. He also asks for them with Safari 9
Attachments
Since a couple of days back the weather widget stopped working. It just wouldn't update data so it looked like there's something with the internet connection. I disabled Secure Web Proxy in Network Preferences and there it was. Working weather widget back here. I figure it has something to do with Squid since when I turned it back as it was the widget turned dead again.
Mavericks, MBP mid-2012.
upd. Never mind. Uninstalled squid, rebooted. Re-installed squid, rebooted. Everything works fine again.
Mavericks, MBP mid-2012.
upd. Never mind. Uninstalled squid, rebooted. Re-installed squid, rebooted. Everything works fine again.
Last edited:
Sigh. I think I might know what happened, because I just ran into it myself.
If this happens again (to you or anyone), please try deleting the file /Library/Squid/squid.pid, then reboot and see if everything is fixed. If it does, tell me—I'd like to know if this is common (in which case, I'll have to fix it, somehow) or a very rare occurrence. It's a Squid bug, and I'm not immediately sure how to work around it...
Edit: Never mind, that was actually an easy fix—the package has been updated. Squid will now save it's PID file to /tmp, which should make the issue go away.
Last edited:
Hell, now the same thing happens to Calendar. When proxy's on I get "The server responded with an error. The server is currently unreachable or the connection was blocked". Disabled proxy and it's working fine. I probably have to mention that I don't use iCloud but Fruux. I added dav.fruux.com to the "Bypass proxy settings" but it didn't help. I'm going to reboot. If it works I'll update this message. So far it's not working.
upd. Sorry, false alarm. After adding dav.fruux.com to bypass proxy I had to reboot. Back to normal again. Is it supposed to be that way? It used to work without it. I mean I'm fine, no problem, I'm just curious.
upd. Sorry, false alarm. After adding dav.fruux.com to bypass proxy I had to reboot. Back to normal again. Is it supposed to be that way? It used to work without it. I mean I'm fine, no problem, I'm just curious.
Last edited:
I don't have to reboot for that to take effect, but since it's all Apple functionality I don't really know.
Now, I am mildly curious why fruux doesn't work through the proxy. Regardless of what service you use, the calendar respects Keychain certificates and system proxy settings. It's good that it works without the proxy for now, but it would be a problem if they increased their https requirements in the future.
Are you sure the proxy was working in general before you rebooted?
I am absolutely sure. Because I rebooted just to be sure after I reinstalled the newest version.
However, I, for some reason, had always insert my password as soon as I opened my address book (wouldn't synchronize otherwise) and I had to enter Internet accounts and enter my password every time. Strange behavior. But it happened only for the address book, never for the calendar and notes. It always seemed strange to me. It never happened on High Sierra (obviously, no proxy). And it still continues to happen now on Mavericks even though I mentioned fruux as an exception to the proxy.
However, I, for some reason, had always insert my password as soon as I opened my address book (wouldn't synchronize otherwise) and I had to enter Internet accounts and enter my password every time. Strange behavior. But it happened only for the address book, never for the calendar and notes. It always seemed strange to me. It never happened on High Sierra (obviously, no proxy). And it still continues to happen now on Mavericks even though I mentioned fruux as an exception to the proxy.
Last edited: