Deleting certificates in Keychain Access???
I noticed in my Keychain Acess that I have a slew of certificates which (1) I'm not sure what their purpose really serves and (2) there's a ton of them with names I don't recognize and draws my suspicion.
What purpose do these certificates serve and what would happen if I deleted them?
And just to clarify: I'm not talking about my passwords, etc. in Keychain Access. I'm specifically referring to Certificates which I find by clicking on: System Roots and Certificates.
Thanks for any help.
If you delete a certificate, the source that gave you the certificate will just offer another one when you authenticate. Certificates are just a way for encrypted connections to establish identity between a client and server. The server will digitally sign a certificate that contains a public key as well as some personal information that's used by the service you're connecting to. Certificates are provided by the service, and can have expiration dates and such.
Cookies are similar in ways, but they arent as versatile and secure. They're generally used to let your browser keep track of when you last visited a site, perhaps contain a password for the site, and other user settings for a site. Certificates are mainly used for authorizing access to a service.
Similar Messages
-
Trying to delete wifi certificate in Keychain Access; continually crashes
Every time I try to delete my wifi certificate in Keychain Access, it continually crashes. Tried it in safe mode, still crashes. I cannot get my Airport extreme 5th gen to pass along an IP address to my Mac even though mac is connected to AE (seen via Network Utility). Thought that deleting keychain password would help.
OSX 10.10.1
retina Macbook Pro 13Launch the Console application in any of the following ways:
☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
☞ Open LaunchPad. Click Utilities, then Console in the icon grid.
Step 1
For this step, the title of the Console window should be All Messages. If it isn't, select
SYSTEM LOG QUERIES ▹ All Messages
from the log list on the left. If you don't see that list, select
View ▹ Show Log List
from the menu bar at the top of the screen.
In the top right corner of the Console window, there's a search box labeled Filter. Initially the words "String Matching" are shown in that box. Enter the name of the crashed application or process. For example, if Safari crashed, you would enter "Safari" (without the quotes.)
Each message in the log begins with the date and time when it was entered. Select the messages from the time of the last crash, if any. Copy them to the Clipboard by pressing the key combination command-C. Paste into a reply to this message by pressing command-V.
☞ The log contains a vast amount of information, almost all of which is irrelevant to solving any particular problem. When posting a log extract, be selective. A few dozen lines are almost always more than enough.
Please don't indiscriminately dump thousands of lines from the log into this discussion.
Please don't post screenshots of log messages—post the text.
☞ Some private information, such as your name, may appear in the log. Anonymize before posting.
Step 2
In the Console window, select
DIAGNOSTIC AND USAGE INFORMATION ▹ User Diagnostic Reports
(not Diagnostic and Usage Messages) from the log list on the left. There is a disclosure triangle to the left of the list item. If the triangle is pointing to the right, click it so that it points down. You'll see a list of crash reports. The name of each report starts with the name of the process, and ends with ".crash". Select the most recent report related to the process in question. The contents of the report will appear on the right. Use copy and paste to post the entire contents—the text, not a screenshot.
I know the report is long, maybe several hundred lines. Please post all of it anyway.
If you don't see any reports listed, but you know there was a crash, you may have chosen Diagnostic and Usage Messages from the log list. Choose DIAGNOSTIC AND USAGE INFORMATION instead.
In the interest of privacy, I suggest that, before posting, you edit out the “Anonymous UUID,” a long string of letters, numbers, and dashes in the header of the report, if it’s present (it may not be.)
Please don’t post other kinds of diagnostic report—they're very long and rarely helpful. -
Delete passwords from keychain access
How to delete passwords from Keychain Access?
In Keychain Access a password is an element in a key, for example an internet site that you log into will be contained in a file in Keychain Access. They are shown one per line.
Inside that key will be the url location, username , password.
You can highlight the relevant key / file and control click on it and delete it.
Just a cautionary note, if you no longer use it, it does no harrm to just stay there. -
Mail automatically adds certificates to Keychain Access. How to disable?
Is there a way to tell Mail not to automatically store certificates from digitally signed emails (in this case, using Verisign) in Keychain Access?
The problem is this:
When the old certificate expires from someone else, I create a new one, and have them send a signed email to my address. Mail then automatically adds the new certificate to my Keychain Access. I then go into Keychain Access and delete the old certificate, so that I can send secure and encrypted messages to them. However, if I go back to one of their saved OLD emails, it automatically adds the old certificate back to my Keychain Access. And when I go to create a new email to them, it often will use that old certificate, which no longer works for them.
I am looking for a way to better manage this or find out what others are doing out there with the same problem.
Keychain should have an "archive" section to put old certificates into. These then can be referenced to open old secure and encrypted messages, but not allowed to be used for sending new email.Additionally, lets say something happens to your certificate and you need to download it again. In this case, from Verisign. A problem I have run into is when I go to Verisign, I am presented with the option of re-downloading my certificate. If I do this, there is no way on the Mac system that you specify this re-downloaded is your certificate. So I have to download a new certificate and then re-add my certificate to the rest of the employees and get theirs.
There needs to be an option to select "This is my certificate". Very much like in AddressBook, how you can specify different VCards as your own. -
Certificate in keychain access problem
I have obtained three certificates I have to use to access my corporate exchange server and imported them into the login keychain as directed. They do show up in the "certificates" category of the login keychain but not in the "my certificates" category. This is the category that Entourage looks for when allowing me to select a certificate. As a result, I can't select the certificate I need. Any ideas?
hi,
you must import the /system/library/keychain/x509anchors first to your keychain app.
then use #sudo certtool i zetifikat.cer v k=/System/Library/Keychains/X509Anchors to import it to .../x509anchors. (zertifikat.cer ist your certifikate name) import your certificate (in pem-format) to your keychain. if not in pem-format convert it with ms cert manager (in the office folder of the office app). apply alway trust to the certifikate in keychain.
cheers
jens -
What should I do with duplicate of certificates in keychain access?
Is it safe to delete duplicate surtificates in keychain or just wait tell it expires?
(New to mac 1 month)Apple will exchange your iPod for a refurbished one for $199 for a 64 GB one and $99 for the others.. They do not fix yours.
Apple - iPod Repair price
A third-party place like the following maybe less. Google for more.
iPhone Repair, Service & Parts: iPod Touch, iPad, MacBook Pro Screens
Replace the screen yourself if you are up to it
iPod Touch Repair – iFixit -
Exporting auto-created SSL Certificate using Keychain Access
Whenever I try, I get:
"An error has occurred. Unable to export item.
You fail to provide the necessary administrator authorization."
Can it be done?Got the same problem. It's a mystery to me as well. Happens both at my SL server 10.6.2 at home and at work. I have no idea what is wrong except that it might forget to prompt me. It also doesn't work if I unlock the certificate keychain first.
-
I am trying to connect to my company's wireless network which uses WPA Enterprise. I need a certificate which our network admin has given me a copy of but I cannot choose it in the connection dialog. It only shows the certificates which are contained in the category "My certificates" in Keychain access. It only contains my .mac certificate. I have imported the necessary certificate into Keychain Access and added it to my login keychain + also X509Anchors but I can see no way to add it to "My certificates". Can anyone help me?
I decided to upgrade to Leopard to test this out but I still cannot make it work. I click on "Get certificate" but nothing happens. There are some things I am unsure about.
1. The protocol to use. Our network administrator says the protocol should be EAP, not EAP-FAST, PEAP or LEAP which are the choices in OS X.
2. The domain to use. I guess it has to be "Login window" as this is the only domain to include a certificate but see next point
3. When using the "Login window" domain it says that it logs into the wireless network when I log into the Mac and using the same user name and password I use to log in to the Mac. The problem is that my local user name is not the same as the user name I use to log in to the network. Maybe this is the sole reason why it still fails. When I click "Get certificate" I have to submit a user name and password and then I use my network user name but it doesn't work. Is there a way to have the user names be different? If not is it safe to change my short user name on the Mac? -
Deleted certificate keeps on reappearing in my Keychain. What can restore it?
Hi there,
I recently renewed a certificate I use, among other things) to directly sign-in on password-pretected website at CERN (e.g. collaboration web pages). I deleted the expired certificate from my keychain, and installed the new one: everything seems to be working fine.
The weird thing I'm experiencing since I did all these actions is that every morning I find again in the Keychain the old expired certificate I deleted (?!?), like some process was restoring it. I tried to monitor what could do that without much success, and googling the problem lead to nothing (there seems to be a known issue with Xcode restoring expired certificates, but I never use Xcode, and I don't have developer profiles installed). The thing is rather annoying, because having 2 similar identities, one valid and another expired, seems to trouble Safari, and I cannot really use the automatic login unless I re-deled the expired certificate. Ditto, I have to do it again every morning, since it seems to resurrect somehow...
I tried to lock the login keychain, but using the machine is then impossible (e.g. Mail.app ask for access every time it looks for new mail). I had certificates installed on my iPhone, so I thought that could be the source (the iPhone certainly syncs overnight) and I deleted them, since anyway certificate authentication from iOS on CERN website is not working (yet?). It dod not really helped, tough.
Any suggestions?
I'm running OS X 10.8.2, Keychain access v. 7.0.
Thanks! M.Information.
Keychain Reset -
Keychain Access and Certificates?
I was looking for information on a password manager and remembered that Apple has Keychain Access as part of the OS.
I am trying to understand how it works and only find the Help files available for reading. I am missing a somewhat deeper overview and understanding, not just a list of 'how to ...' instructions.
Can anyone point me to articles or documentartion to help understand this application?
While poking around in Keychain Access, I noticed 175 unique certificates on my Mac under the Keychain called 'System Roots'. I looked at the information on several and am unable to interpret the information, nor the Trust settings available. Also, the Certificate Assistant options available for Viewing and Evaluating Certificates.
My biggest concern is that I do not recognize most of these certificates, and do not understand how they got on my computer, and what happens if I remove them?Thanks - I looked at several of the links, but I'm not a software engineer.
I'm looking for documents that are geared to a user of the product (OSX), to help me understand all the things I see when opening up Keychain Access, and understand what they do, and a layman's description of the certificates and what happens if I delete them.
Also, a brief overview of the keychain and how it is used, how it is useful, etc.
Just can't seem to find the user oriented documentation... -
Create a Distribution Certificate as a p.12 file in Keychain Access not working?
I need to create a Distribution Certificate as a p.12 file. I downloaded my ios_distribution.cer file from iOS Provisioning Portal/Certificates/Distribution/Download but this file will not install on my Keychain Access Certificates. Once installed I need to export as .p12. Why can't I install this .cer file to my keychain access? Thanks
Hi EDUR142, did you find a way round this? If so, please let me know.
I currently can see that these certificates are there in Keychain Access under System'Certificates'.
However in System'Keys' the relevant keys are not there. And in Login'Keys' there are 4 keys that might be the correct ones: 2 public keys, 2 private keys. BUT they do not have an arrow on the left so I cannot see if the correct certificate is associated with them (as it described in the Adobe step by step guide to DPS pg19).
If this is simliar to your issue last year, and you found a solution, pls reply. Thank you. -
HT1631 if i delete keychain access will that help with admin password?
please advice me help
NO!
That will delete ALL your passwords!
In Keychain Access just delete that one password, then re-enter it. -
Keychain access keeps crashing while trying to import a new certificate
I have been having trouble with trying to import a certificate to my Macbook Pro but everytime I go to Import the certificate via: File --> Import... Keychain access keeps crashing on me. Has anyone else been experiencing this?
Here is the link to where I have uploaded the error report: http://www.filedropper.com/keychainaccesserrorreportHi Moving Art,
Please provide the exact version of Premiere Pro CC that you are using, you can check this by going to Premiere Pro menu. Also, this type of crash might be because of the Graphics display drivers. So, please check the Graphics Card installed on your MAC and the version of the MAC that you are using.
Regards,
Vinay -
Hi all.
I've just been given an Air. I used Migration Assistant to transfer everything (which didn't work very well: no Contacts transferred and the Air Contacts application can't even open manually transferred Contacts Archive .vcf).
Trying to transfer contacts led me to iCloud - I thought I could copy them from there. Then I discovered that I can't sign in to iCloud via System Preferences. I get two error messages. The most common one is 'you cannot sign in at this time'. I've tried every solution on the web: I reinstalled Yosemite. I reset Keychain Access. I deleted Accounts plist.
The other message I occasionally get is 'This is a valid Apple ID but not an iCloud account'. It is: I'm logged on fine on my MBP, iPhone and iPad.
Any ideas? Thanks in advance,
AidaSo - I have been having this same issue, and while it's not totally resolved for me, I have figured out what's causing it. I am running a machine with two hard drives and to keep my documents on a separate drive from the OS/Applications, I used the Advanced Option to specify the location of my home drive for my user account under "Users & Groups". I've found that if I reset this to the default path of /Macintosh HD/Users/{username}, that it works fine. However Apple has a bug in that this functionality breaks when you specify your own home directory. Hopefully, this will be addressed in an update.
-
I deleted all my Keychain Certificates
Must have been during a rabid senior moment. Now I get all these untrusted certificate messages in email and Safari, and they are going into Keychain. However as best as I can tell, I need to obtain a Root Certificate from the Certificate Authority (CA) or the Issuer who appears to be VeriSign. Evidently one can spot the Root Certificate because they have nice golden borders vice the plain blue borders, and they are supposed to live in the X509Anchors. This is what I THINK that I understand. However, when I tried an online chat with a VeriSign rep. it rapidly went down hill and he talked about thousands of certificates and CAs etc. I did mention that to date every certificate that I have seen appears to have been issued by them; _VeriSign Class 3 Public Primary Certification Authority - G5.cer_
I did get an email address and have tried the Keychain Access Certificate Assistant - Request a certificate from an existing CA. I am waiting to see what that will result in.
However, I am curious to see if there are others out there who have experienced this and if they have gotten a real fix.
Thanks,
DNHi DN, I've seen this a few times, the cure is to restore from a backup, copy from another machine, do an Archive & install, or try these...
http://web.fastermac.net/~bdaqua/X509Anchors.zip
http://web.fastermac.net/~bdaqua/X509Certificates.zip
Maybe you are looking for
-
Setting up a shared library for multiple accounts on the same machine
I am in idiot. I can't figure it out. This is exactly what I did. 1 - I set up multiple accounts on the computer. 1 for me and another for my wife. 2 - I loaded all the music into my account's public folder. 3 - I set the default folder in both hers
-
Last week I registered and Ipod Shuffle that somebody gave me as a present like 6 o 7 years ago. I registered last week because I found it 7 years after, it was new and I did not use it before. I heard in the iOS 7 presentation that all the users th
-
I am trying to load an external library with about 700 gigs of music into iTunes on my mac, but of course my mac's inter hard drive is much less than that. Is there a way I can load the music onto iTunes without importing it into my computer? I use t
-
Why won't the Mac Mini connect to the internet but won't browse
Here's an odd one...I hook up the mini with an ethernet cable to the cable modem - it finds the settings on it's own - IP address, subnet - the whole thing. That's just great - go to the activity monitor - and look at the network - packets going and
-
Truncate table taking more time
I am trying to truncate a table with 50000 records and it is taking lot on time. Contraints are enabled and the table refers to around 15 to 20 tables. How can i improve the performance so that the detetion takes faster. Will increasing PGA or temp h