I originally posted about this in the Mavericks section, where it never belonged, because it also works on 10.6–10.8. Here's a new thread for our fancy section!
If you're currently running an old version of OS X, and it's connected to the internet, you probably already have this line somewhere in the Console:
No need to go looking for it. If you're on OS X 10.9 or below, just open the Dictionary app and try searching for something on Wikipedia. Dictionary will tell you that Wikipedia's servers are unavailable—an obvious lie, since it loads elsewhere. And that little SSLHandshake error will appear in the console.
Here's what's going on: Your version of OS X does not support newer versions of https. Wikipedia, like many modern websites, does not support older versions of https. This creates an impasse where neither can talk to each other.
To fix this problem, you need an interpreter—a piece of software which sits between you and the server, intercepts your traffic, and modifies it to be compatible. The technical term for this (which you've probably heard somewhere) is a "proxy server", and more specifically a "MitM" or "man-in-the-middle" proxy which decrypts and re-encrypts your traffic before sending it on its way.
After a bit of work, I was able to configure the open source Squid to do what was needed. And I discovered it fixed a lot of problems—Apple Mail is no longer filled with broken images, dashboard widgets like Deliveries Status no longer fail to connect, and NetNewsWire is able to load all of my RSS feeds. The Dictionary app initially refused to use the system proxy, but then a user on StackExchange told me how to patch it, and now it works too.
I ended up putting the whole thing together into an easy-to-install package. If you're using OS X 10.6 (Snow Leopard), 10.7 (Lion), 10.8 (Mountain Lion), or 10.9 (Mavericks), I encourage you to give it a try. It won't work magic—a couple of people who emailed me seemingly expected it to fix every website in existence—but it does help.
P.S. Chromium does not play nicely with this proxy. If you use Chromium Legacy, please download it via this prefpane, which will set up Chromium to ignore the system proxy. It doesn't need it anyway.
If you're currently running an old version of OS X, and it's connected to the internet, you probably already have this line somewhere in the Console:
Code:
CFNetwork SSLHandshake failed (-9836)
No need to go looking for it. If you're on OS X 10.9 or below, just open the Dictionary app and try searching for something on Wikipedia. Dictionary will tell you that Wikipedia's servers are unavailable—an obvious lie, since it loads elsewhere. And that little SSLHandshake error will appear in the console.
Here's what's going on: Your version of OS X does not support newer versions of https. Wikipedia, like many modern websites, does not support older versions of https. This creates an impasse where neither can talk to each other.
To fix this problem, you need an interpreter—a piece of software which sits between you and the server, intercepts your traffic, and modifies it to be compatible. The technical term for this (which you've probably heard somewhere) is a "proxy server", and more specifically a "MitM" or "man-in-the-middle" proxy which decrypts and re-encrypts your traffic before sending it on its way.
After a bit of work, I was able to configure the open source Squid to do what was needed. And I discovered it fixed a lot of problems—Apple Mail is no longer filled with broken images, dashboard widgets like Deliveries Status no longer fail to connect, and NetNewsWire is able to load all of my RSS feeds. The Dictionary app initially refused to use the system proxy, but then a user on StackExchange told me how to patch it, and now it works too.
I ended up putting the whole thing together into an easy-to-install package. If you're using OS X 10.6 (Snow Leopard), 10.7 (Lion), 10.8 (Mountain Lion), or 10.9 (Mavericks), I encourage you to give it a try. It won't work magic—a couple of people who emailed me seemingly expected it to fix every website in existence—but it does help.
P.S. Chromium does not play nicely with this proxy. If you use Chromium Legacy, please download it via this prefpane, which will set up Chromium to ignore the system proxy. It doesn't need it anyway.
Last edited: