WPA2-PSK can't connect to secure web pages

Hope this is posted in the correct area.

I just got a macbook, it connects fine to my open wireless network (able to surf to any and all web pages ex: hotmail, gmail login etc )

I also have a wireless WPA2-PSK network that the macbook connects to and I am able to surf any normal webpage. The problem is it will not surf to any https (secure) pages (ex: hotmail, gmail login etc).

I am sure the problem is in the macbook as my Debian (linux) laptop has no problems hitting any page on either the open or WPA2-PSK network.

Network info:
Comcast cable internet connects to Smoothwall firewall box (linux).
from the firewall:
subnet1 to linksys wireless router running open-wrt firmware (open / unsecured wireless).
subnet2 to dlink DI-624stock up to date firmware running WPA2-PSK.
subnet3 to wired ethernet network.

I am new to apple so any helpful pointers as to what to look for would be great. I am familiar with linux and the command line so don't be afraid to get technical.

Thanks in advance.

edit:
running Mac OS X 10.5.6 clean install, all updates
happens with firefox and safari.
I am able to get to https pages on my network (ex: https://192.168.0.99:441 - smoothwall-firewall)

this is still unresolved,
does anyone have any suggestions??

Google for problems with pre share key and WPA2. There sure are a lot of problems on MacBooks. Have you tried setting up System Preferences>Network and a different location?

Have a look at this set up guide ~ covers Macs:-

Tutorial: How to set up WPA2 on your wireless network

Thanks for the clues, I will look into your suggestions.
the strange thing (at least to me) is that it connects fine for regular web pages, it is only the secure pages that can't connect.

To me that sounds like a broken x.509 anchor certificate thingamajiggy, but it's weird it only affects you when you're on WPA2.

Can you open https pages in Firefox? (Uses different certificates than Safari).

Note if you are using an Apple Airport router it does need the v4.2 update!

https does not work in firefox, safari, or wget, except on my local network (192.168.0.x) which https works fine on.

no airport router just the dlink DI-624

so far new profile has not helped, setting up new location has not helped , running onyx has not changed anything either.

the x.509 certificate thingy I will look into, maybe their is a system wide version?

Thank you all for the replies, keep them coming, this is starting to be a challenge.

When you got time to spare have a look through this Apple Discussion link. Problems with the DLink 624 go back a couple of years:-

Apple - Support - Discussions - New Airport Update Issues ...

This is a stab in the dark but have seen it a few times with OSX and some older Dlinks with WPA and WPA2. Does the Dlink allow you to select TKIP or AES? If so what is it set for now? I had a Dlink once I was messing with and changing that took care of it for me.

I'll wade through that thread, thanks for the link.

the encryption is TKIP, I just tried AES but it broke the connection with my hp laptop and the mac does not connect either.

the thing that bugs me the most is that https is working fine on my internal network, it's the www that's broke.

I don't know anything about certificates, so I will have to educate myself, but the more things I try, the more I think Aptmunich maybe on to something.

K, thanks for trying the AES just in case. After dinner I will do some digging and see what I can come up with and get back to you.

Good Luck!

Does the WPA2 network just have a firewall rule set up that is blocking port :8080 when connecting to the WAN? Perhaps the debian networking settings are bypassing that somehow?

I don't think it's the certificate issue if it's working intermittently like that... that's a system wide problem that wouldn't resolve itself on the other network.

Aptmunich, I am not sure what you are asking about port :8080, would you please clarify?
the smoothwall (firewall) has a transparent proxy, meaning no proxy setups on individual machines hooking to it. The smoothwall is setup as the default gateway.

cpinetree said:

Aptmunich, I am not sure what you are asking about port :8080, would you please clarify?
the smoothwall (firewall) has a transparent proxy, meaning no proxy setups on individual machines hooking to it. The smoothwall is setup as the default gateway.

Click to expand...

Well most routers have the option of restricting certain incoming and outgoing ports in the firewall. If you have a rule configured to restrict port 8080 (or a port range that it falls within) in some way, that would explain it.

Aptmunich: thanks for the clarification, no there are not any ports restricted at the routers.

harryb2448: I have read the thread you linked to, thank you, interesting issues.

I want to thank everyone for their suggestions and effort in solving this, I will continue reading and searching, and post new info as I get it.

If anyone thinks of another possibility please let me know I will try anything.