Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

jdw13

macrumors regular
Original poster
What is this that just started? I has popped up a couple of times and Safari seems to not respond, even in other windows, until I respond with "Deny". I do not want to approve something I do not understand....
 

Attachments

  • Trusted_Compressor_Services.png
    Trusted_Compressor_Services.png
    132 KB · Views: 51
Open Keychain, look for "Trusted Compressor Services" and check when it was created and any other details that might indicate what it is.
 
That prompt isn’t one of the standard macOS keychain dialogs as far as I know, and the name “Trusted Compressor services” doesn’t correspond to a built-in macOS item either imho. The wording “Safari wants to sign using key…”seems to imply Safari is trying to use a certificate or private key stored in your login keychain, which could have been installed by a website, business application, VPN, or other third-party software.

I definitely wouldn’t click Always Allow until you know what it is.

A few questions that may help narrow it down: Does this happen on every website or only one specific site? Did it start after a macOS or Safari update, or after installing any new software? Do you use any work VPNs, security software, or websites that require certificates? Also, if you open Keychain Access and search for “Trusted Compressor services,” what kind of item is it (certificate, private key, password, etc.)? That information might give us a clue as to where it came from and whether it’s something legitimate or even any old/stale keychain entry.
 
Open Keychain, look for "Trusted Compressor Services" and check when it was created and any other details that might indicate what it is.
All I could find with "Compressor" was some private keys used by com.apple.Compressor.CHTTPServer, but none of this makes any sense to me.
 

Attachments

  • usedBy_com.apple.Compressor.CHTTPServer.png
    usedBy_com.apple.Compressor.CHTTPServer.png
    84.2 KB · Views: 26
  • PrivateKeys.png
    PrivateKeys.png
    144.1 KB · Views: 27
I would delete the "Trusted Compressor Services" entry from Keychain. If Compressor needs it, it will be recreated next time Compressor is started.

There was a serious vulnerability in Compressor
"An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code"
 
I would delete the "Trusted Compressor Services" entry from Keychain. If Compressor needs it, it will be recreated next time Compressor is started.

There was a serious vulnerability in Compressor
"An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code"
Thanks, but how do I find that entry? I could not find anything with "Trusted Compressor Services" in my KeyChain or Keychain Access. All I found was things that matched "Compressor" were keys for "com.apple.Compressor.CHTTPServer" and I don't know if that is related to this or not.
 
Thanks, but how do I find that entry? I could not find anything with "Trusted Compressor Services" in my KeyChain or Keychain Access. All I found was things that matched "Compressor" were keys for "com.apple.Compressor.CHTTPServer" and I don't know if that is related to this or not.
As com.apple.Compressor.CHTTPServer is the only one, that must be read by Safari/macOS as "Trusted Compressor Services". Delete it and see if the problem is solved in Safari. Quit Safari, start Compressor, check if it has been recreated in KeyChain and see if it interferes with Safari again.

What Compressor version do you have installed?
 
I have Compressor 5.3, the latest I think, and I am running Tahoe 26.5.2 and have not been prompted again at least this soon.
I removed the " com.apple.Compressor.CHTTPServer" and I do not use Compressor AFAIK, unless it has been used by Safari for viewing YouTube videos or something similar.
Thanks again...
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.