I'm trying to visit my university research group's website at home. The website requires a username and password to view and probably has who knows what kind of security systems in place.

On Safari 10 and/or macOS 10.12, I could visit the website and enter my username and password; it wouldn't save the password despite repeated attempts on my part at making it do so, but at least I could visit the site.

On Safari 11 and macOS 10.13, however, I get the following message:

This connection is not private

This website may be impersonating [website] to steal your personal or financial information. You should go back to the previous page.

I have two options: "Show Details" and "Go Back". If I press "Show Details", I get the following message below the previous one:

Safari warns you when a website has a certificate that is not valid. This may happen if the website is misconfigured or an attacker has compromised your connection.

To learn more, you can view the certificate. If you understand the risks involved, you can visit this website.

If I click on "view the certificate", I can see the certificate details, where it explicitly says "This certificate is marked as trusted for [website]".

If I click on "visit this website", I am asked for my administrator password to change certificate trust settings. After entering my password, I am redirected to the original "This website may be impersonating [website]" message.

I don't have this problem with other browsers (e.g. FireFox) or other remote access clients (e.g. FileZilla), so it isn't a problem with the website, it is a problem with Safari.

I've tried deleting the certificate in Keychain Access and creating it again, and I have tried restarting my computer. I am the administrator (and sole user) of my computer. My internet connection is secure and doesn't have any firewalls (it's just a home wi-fi connection).

What can I do to regain access to my group's website and preferably force Safari to remember my login information?

Edit: I found a workaround which I’m not at all happy with, since it’s annoying and it needs to be done all over again every time I reboot my computer, so I’m looking for proper answer.


Solution 1:

After searching for hours and trying several different "fixes" which didn't work, Trevor Da Silva's solution here worked.

The fix essentially consists of deleting the problematic site's certificate, opening the site in a private Safari window, choosing to trust it and then retrying in a regular Safari window.

Edit: This has to be redone every time the computer is restarted, so it isn't a true solution.