And even if your OS supported modern protocols, there would be the issue of cipher suites! My OS, OS X 10.9 Mavericks, supports TLS 1.2. So, what you have to do instead is set up an MiTM proxy server on a second device, such as a Raspberry Pi or a modern PC, and then connect to that proxy from your old Mac.īecause this involves networking multiple machines, exact instructions will depend on your setup, but it can work! Although the proxy server on the page linked above requires OS X 10.6, you may still want to reference the Squid configuration file included in the package as a starting point. Unfortunately, I don't know of any MiTM proxy software that will run on your OS. The proxy will decrypt and re-encrypt your traffic before sending it on its way.įor Macs running at least OS X 10.6, I created a turn-key solution to set up a local MiTM proxy server. This is called a "man-in-the-middle" or "MiTM" proxy server. Instead, you need a translator-a piece of software which sits between you and the server, intercepts your traffic, and modifies it to be compatible. Updating root certificates won't help, because your Mac and the server do not speak the same language. This creates an impasse where neither can talk to each other. Wikipedia, like many modern websites, does not support older versions of SSL. What else could I try doing in order to get this computer on the internet (for better or worse)?Īs you noted, the problem is that your OS X does not support modern versions of the SSL protocol, such as TLS 1.2. I seem to be able to connect to Google via HTTPS, which is a step up, but sites like Wikipedia still prevent me from accessing them for security reasons. "Always Trust", then close that and enter your password to confirm the Find the ISRG Root X1 certificate in System and doubleĬlick on it, open the Trust menu and change "Use System Defaults" to Open the Keychain Access app and drag that file into the System folder Try a restart of the affected client device.ĭownload the ISRG Root X1 certificate file from Some operating systems hold onto the expired R3 > DST Root CA X3 chain even if your server is no longer using it. One step I've taken care of is following the directions from How do I update my root certificates on an older version of Mac OS (e.g. I am aware that the specs of this machine are too low to run most websites.Īs you're probably aware, the SSL security protocols on this version of Mac OS X are out of date enough to prevent me from visiting anything aside from Google. I just want to be able to connect to the internet for benchmarking purposes. My concern is not security - I don't put sensitive information on this machine, nor do I mind if the integrity of the Operating System is compromised. I'm using an old iMac G3, running Mac OS 10.3.9 Panther, for research purposes.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |