Safari vs. Domain Validation?


I am a freelancer and one of my clients is a travel company. They have received a lot of complaints that Safari will not access their website correctly due to SSL problems and, unfortunately, I do not own a Mac. Any pointers that could be offered would be greatly appreciated.

The site is:

With the Windows edition of Safari, I have determined that two medium-strength SSL ciphers are required to access the site (which blows our PCI compliance away). With that change, everything back to Safari 3-something works great on Windows.

Unfortunately this did not take care of the problem for our Mac users. I received an email today that Safari 5.1.5 on a MacBook was still having issues.

As far as I can tell, we are using the correct intermediate certificates to complete the chain. Do you see any show stoppers?

Can you please describe the issue a little bit more? As it is a little unclear. We need to know exactly what happens when Safari users hit the site in question and if there’s any sort of error message such as ‘Site not found’, ‘Untrusted issuer’, ‘invalid certificate’, etc. I can tell you the certificate is installed correctly.

Ciphers are handled by the client (browser) and the server that is hosting (serving) the site. The level of validation (Domain, Identity/Organization, Extended) have no bearing on the ciphers that are used. I can see the you have 128/256-bit ciphers enabled on this site on both TLSv1 and SSLv3. (using a perl script to see which Ciphers the site is using) I do not see anything out of the ordinary as far as enabled ciphers and they should be available on all fairly recent versions of OS X (10.5+)

I’m able to connect using Safari 5.1.5 on Windows 7 (64-bit edition) and I too do not have a Mac.

Edit: Needed to re-word post.