Safari rerouting tumblr to safe.txmblr.com and certificate issues

Why does my Safari reroute the tumblr URL to safe.txmblr.com and say that the certificate could be fake? It may be related to Avast, or possibly some sort of keychain error.

I recently installed extensions from the Safari trusted page, but started getting annoying prompts, deleted the extensions, and deleted the safari extensions file from the Keychain Access program. I'm afraid this may somehow be the cause of my current woes.

I've tried just trusting the certificate but it still does it every time I use the URL. Chrome doesn't have the issue, but Firefox couldn't even trust the certificate for Google for some reason. Safari is my preferred browser, hence the effort.

Thx in advance for your help, this is my 1st post, I'm a newbie.

https://discussions.apple.com/thread/7030469

My specs:
OS X Yosemite 10.10.3
MacBook Pro (15", late 11)
Processor: 2.4 GHz Intel Core i7
Memory: 4 GB 1333 MHz DDR3
Startup Disk: Macintosh HD
Graphics: Intel HD Graphics 3000 384 MB

Solution!

Avast was the culprit after all. Apparently the software replaces trusted certificates with their own, causing authentication issues with different browsers.

Here's a quick troubleshoot for pesky certificate prompts:

- delete Avast from Applications
- update Safari and restart computer
- system preferences / date & time settings : make sure this is on auto, uncheck and recheck even if it is.
- Safari preferences / privacy / delete cookies and website data
- Go to Keychain Access/ Keychain Access menu (next to ) and select “Keychain First Aid” from the menu list. Enter the current user password, then check the “Verify” box, followed by choosing the “Start” button. Next, choose the “Repair” radio box and then “Start” again.
-Relaunch Safari and visit the website(s) again

Deleting Avast was the main thing that helped me, but perhaps one of, or a combination of, these solutions can help you too.

This has been a fulfilling 1st thread.

-kjon ;P

kjon2518 said:

Avast was the culprit after all. Apparently the software replaces trusted certificates with their own, causing authentication issues with different browsers.

Click to expand...

That's really shady and is grounds to avoid Avast products like the plague. Replacing trusted certificates with one's own defeats the purpose of them being "trusted."

vansmith said:

That's really shady and is grounds to avoid Avast products like the plague. Replacing trusted certificates with one's own defeats the purpose of them being "trusted."

Click to expand...

It's not just Avast that's done that. Kaspersky, Lenovo, etc.. have all done it, or are doing it.

Dysfunction said:

It's not just Avast that's done that. Kaspersky, Lenovo, etc.. have all done it, or are doing it.

Click to expand...

And the shady umbrella widens. Is that how SuperFish worked? I knew it had something to do with SSL which, I guess, explains how certificates were involved with that one.

vansmith said:

And the shady umbrella widens. Is that how SuperFish worked? I knew it had something to do with SSL which, I guess, explains how certificates were involved with that one.

Click to expand...

Yea, SuperFish used a self signed certificate authority. Effectively rendering all certificate checks useless. Or, a classic man-in-the-middle attack. A great example of why adware should be considered more than nuisance-ware.

I've been using AdwareMedic since this whole fiasco, does anyone recommend any other types of essential protection?

Adblock+ and Ghostery are good at blocking unwanted ads/beacons/etc.

MacInWin said:

Adblock+ and Ghostery are good at blocking unwanted ads/beacons/etc.

Click to expand...

Not when it's a certificate or DNS poisoning.

You are correct, but that wasn't the question.