Management issues using Safari in MacOS 26.1

[James O'Donnell]

Hi, I recently updated to the latest security update for macOS. After doing so, I find my Proxmox server (running the latest version) has issues with Safari blocking all console and Novnc access and generating the following error:

TASK ERROR: command '/usr/bin/termproxy 5900 --path /vms/102 --perm VM.Console -- /usr/bin/dtach -A /var/run/dtach/vzctlconsole102 -r winch -z lxc-console -n 102 -e -1' failed: exit code 1

All extensions and browser privacy features have been disabled, and this is an internal-only server. The page is still accessible via the Firefox branch LibreWolf, which I use, so that’s my temporary backup until this issue is resolved. Just checking to see if others have had the same issue that they are struggling with.

 

[cosmix]

Hey @James O'Donnell it looks like Safari 26.1 breaks websockets in some cases, possibly on local network URLs when using TLS without a valid certificate. This is not an issue with Proxmox, other webapps are similarly broken. There was a similar issue last summer when Tahoe was in β, but that was fixed well before the GM was out; this one seems slightly different. Hopefully Apple will fix it soon. In the meantime, you can use another browser (Firefox works well) and file the issue with Apple—it helps them prioritize: http://bugreport.apple.com

 

[James O'Donnell]

Ok this is good to know. I have a different work-around that I did now that I know what the issue is.

1. I opened Safari and went to the server in Safari.
2. I went to the **Safari -> Connection Security Details...** pull-down menu.
3. I clicked **Show Certificate**.
4. I dragged the icon of the certificate to the desktop.
5. I opened **Keychain Access**.
6. I went to **File -> Import Items...** pull-down menu.
7. I imported the certificate file.
8. I double-clicked the certificate found under the **login** user on the left and clicked the **Certificates** tab.
9. I expanded the **Trust** menu.
10. I selected **Always Trust** for the menu item **"When using this certificate:"**.
11. I exited Keychain Access and Safari.
12. Reloaded Proxmox, and it works.

 

[James O'Donnell]

This is a screenshot of what to click in Keychain Access

 

[James O'Donnell]

Damn, after testing a few times, it is inconsistent, and the issue still comes up. This is a bad bug then since it is trusted in the keychain access... I ended up submitting to Apple since they should expose the trust mechanism, and also if the cert is trusted, this should not come up as an issue.

Thanks for mentioning Firefox. I actually am using the LibreWolf fork of Firefox, and it runs the same as baseline Firefox minus the known privacy issues.