Apple Safari on MacOS¶

In order to install Trusted Root CA certificate first check your proxy settings in Settings / Advanced as indicated on the following screenshots.

../../../_images/01_wifi_settings2.png

Both HTTP and HTTPS proxy setting need to correctly point to your Squid box.

../../../_images/02_wifi_proxy2.png

Select Launchpad / Other and click on Key Chain Access icon to open the key chain application.

../../../_images/03_key_chain2.png

In the Key Chain application, select System, Certificates in the left panel and unlock the key chain by clicking on the Unlock button on the top left and providing the administrator’s password.

../../../_images/04_key_chain_unlock2.png

Drag the DER certificate you downloaded on the Install Trusted Certificates page into the right panel of the Key Chain application, the common name from the certificate will be loaded and will be shown on the list of certificates (in our case proxy.diladele.lan). Please note, this certificate is not yet trusted (see red x on the screenshot).

../../../_images/05_drag_myca2.png

Double click the non trusted certificate (proxy.diladele.lan on screenshot) to show its properties and expand the trust settings.

../../../_images/06_cert_properties2.png

Confirm you are trusting this certificate by selecting Always Trust from the drop down menu.

../../../_images/07_always_trust2.png

Close the properties and make sure the certificate is now trusted.

../../../_images/08_trusted2.png

Open any HTTPS page and ensure the top certificate now comes from your Squid proxy and matches your Trusted Root CA certificate.

../../../_images/09_top_ca2.png

If you open a blocked page with Safari now, the blocked page should be shown correctly.

../../../_images/10_blocked2.png