Invisible certificate in keychain

I need to add a new root certificate to the keychain. Probably I did something wrong in the first try. But now the situation is such that the keychain program claims the certificate being already in the keychain, but displaying all certificates does not show any. This means that I can't delete the certificate to be able to add it again. So I'm stuck. Any suggestions?
MacBook   Mac OS X (10.4.9)  

I need to add a new root certificate to the keychain.
Probably I did something wrong in the first try. But
now the situation is such that the keychain program
claims the certificate being already in the keychain,
but displaying all certificates does not show any.
It turned out that I did not display the X509Anchors keychain and thus missed the entry. However, there is still a problem with a certificate, which I shall post seperately.
MacBook   Mac OS X (10.4.9)  

Similar Messages

  • Trying to delete wifi certificate in Keychain Access; continually crashes

    Every time I try to delete my wifi certificate in Keychain Access, it continually crashes.  Tried it in safe mode, still crashes. I cannot get my Airport extreme 5th gen to pass along an IP address to my Mac even though mac is connected to AE (seen via Network Utility). Thought that deleting keychain password would help.
    OSX 10.10.1
    retina Macbook Pro 13

    Launch the Console application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ Open LaunchPad. Click Utilities, then Console in the icon grid.
    Step 1
    For this step, the title of the Console window should be All Messages. If it isn't, select
              SYSTEM LOG QUERIES ▹ All Messages
    from the log list on the left. If you don't see that list, select
              View ▹ Show Log List
    from the menu bar at the top of the screen.
    In the top right corner of the Console window, there's a search box labeled Filter. Initially the words "String Matching" are shown in that box. Enter the name of the crashed application or process. For example, if Safari crashed, you would enter "Safari" (without the quotes.)
    Each message in the log begins with the date and time when it was entered. Select the messages from the time of the last crash, if any. Copy them to the Clipboard by pressing the key combination command-C. Paste into a reply to this message by pressing command-V.
    ☞ The log contains a vast amount of information, almost all of which is irrelevant to solving any particular problem. When posting a log extract, be selective. A few dozen lines are almost always more than enough.
    Please don't indiscriminately dump thousands of lines from the log into this discussion.
    Please don't post screenshots of log messages—post the text.
    ☞ Some private information, such as your name, may appear in the log. Anonymize before posting.
    Step 2
    In the Console window, select
              DIAGNOSTIC AND USAGE INFORMATION ▹ User Diagnostic Reports
    (not Diagnostic and Usage Messages) from the log list on the left. There is a disclosure triangle to the left of the list item. If the triangle is pointing to the right, click it so that it points down. You'll see a list of crash reports. The name of each report starts with the name of the process, and ends with ".crash". Select the most recent report related to the process in question. The contents of the report will appear on the right. Use copy and paste to post the entire contents—the text, not a screenshot.
    I know the report is long, maybe several hundred lines. Please post all of it anyway.
    If you don't see any reports listed, but you know there was a crash, you may have chosen Diagnostic and Usage Messages from the log list. Choose DIAGNOSTIC AND USAGE INFORMATION instead.
    In the interest of privacy, I suggest that, before posting, you edit out the “Anonymous UUID,” a long string of letters, numbers, and dashes in the header of the report, if it’s present (it may not be.)
    Please don’t post other kinds of diagnostic report—they're very long and rarely helpful.

  • Valid email certificate in Keychain - How to use it sending messages?

    After asking a free Personal E-mail Certificate by thawte.com, I was enabled to dowload a file which automagically added my personal certificate in my Keychain. Wow.. nice.. and now?
    How to add this certificate in the headers of my messages?
    Btw, during the thawte subscription, the form asked for my browser and mail program.
    In the options, nothing about Apple. I wrote them giving my preferences: Safari and Mail.
    They replied me:
    -- begin --
    When requesting the certificate, please use the option:
    Mozilla Firefox/Thunderbird, Netscape Communicator/Messenger
    and it will work with your Apple set up.
    -- end --
    Any idea on how to proceed?

    Solved
    I just had to restart Mail, and the sign was there :-))
    Hope this helps someone.

  • "Unknown" Certificate in Keychain

    I've found a certificate with the name of "Unknown" in my Login keychain. It doesn't have an expiration date, just "???". Keychain says it's unable to display the certificate. Also, "The data does not appear to be a valid certificate." Has anyone else encountered this? Any idea what this is, and if I should delete it? It seems odd to me. I haven't imported any certificates myself lately.

    Me too and mine is an empty keychain (no objects are listed). When I click Delete Keychain "unknown" from the File menu, I get a panel that asks whether I want to 'Delete References & Files' or 'Delete References' only. But there's no way to see what these references or files are. Can i safely delete this and which deletion option should i choose?
    Al

  • Certificates in Keychain...

    I need to know what the following are and what they are for:
    DoD Root CA 2
    DOD EMAIL CA-24

    Hi S,
    They are security certificates. They authenticate a website when you go to it. DoD stands for Dept. of Defense. I have noticed them in keychains on my Macs before.

  • Untrusted Kerberos Certificate In Keychain?

    Hi, I have an untrusted com.apple.kerberos.kdc certificate in my System Keychain, along with both a private and public key.
    The reason I post my question in Getting online and Networking, is because I am a simple home user who connects to my ISP via DSL modem.
    However, I do know kerberos is for networking or whatever, so I was just wondering if someone could enlighten me as to why they are there, if they need be there, etc.....
    I can provide any additional info as needed. Thanks, and I just want to make sure that everything on my system is running smoothly so I really appreciate any Helpful information/responses so that my query may be Solved! Thanks again.

    Ok, well, just to clarify, I'm not in the States right now where I normally reside and I happen to have taken my computer in for care at an authorized dealership here.
    After they replaced my Optical Drive, they needed to reinstall.... I had provided my CDs--which I am without a doubt certain worked before I handed them in as required by their service terms--but was later informed that the new Optical Drive that had been installed could not read them for some reason or another(the CDs would mount, but show no contents within the Finder window). If I were in the US, I would have called apple since I am still under warranty and seen if they could be replaced, which I have done with a past G$ powerbook with no prob at all. But since they couldn't provide that service, they simply installed leopard on my comp for me off their Install CDs.... As a result, I am left wondering if maybe they used an Install Disc which was intended for another computer or was perhaps not appropriately specified for my comp.
    So, basically, if there is a problem at all, and say those untrusted certificates shed any light on any improper installation or whatever, then I would like to know so I can address and rectify the issue before I leave.
    Ok, thanks for your time and hopefully, someone will be able to shed some light on this. Even if it means just checking to see if the same two untrusted certificates are present in their keychain app as well.
    since it doesn't seem like I'm getting any feedback as is, would any willing people mind checking there system keychain within keychain access to see if a similar situation exists?
    Basically, I just want to know if it's harmless then I'll leave it as is.... If anyone can confirm the same situation in their Keychain Access, then I would be much relieved.

  • Adding Certificates to Keychain

    I have been attempting to add a few DoD certificates to my keychain per online instructions to enable me to use my smart card on my personal computer. However, every time I navigate to the Library folder while trying to add the certificates, I receive this error and Keychain closes itself:
    Error: *** -[__NSArrayM objectAtIndex:]: index 5 beyond bounds [0 .. 4]
    -2011 MacBook Pro, OS X Mavericks 10.9

    I wanted to reply to this question myself because I figured it out and I wanted to share the fix. Fortunately I had a "cloned" copy of my hard drive with a working set of certificates on it, so I replaced the newer certificates which were created when I reset the keychains with the older (working) certificates from the cloned hard drive. There are three locations in which the certificates had to be replaced. (1) User>Library>Keychain>(replaced the newer certificates in this location with the older working certificates) (2) Hard Drive>Library>Keychains>(replaced the newer certificates in this location with the older working certificates) (3) Hard Drive>System>Library>Keychains>(replaced the newer certificates in this location with the older working certificates). This needs to be done at the "administrative" level and you will need the administrative password when asked to authenticate.

  • Deleting certificates in Keychain Access???

    I noticed in my Keychain Acess that I have a slew of certificates which (1) I'm not sure what their purpose really serves and (2) there's a ton of them with names I don't recognize and draws my suspicion.
    What purpose do these certificates serve and what would happen if I deleted them?
    And just to clarify: I'm not talking about my passwords, etc. in Keychain Access. I'm specifically referring to Certificates which I find by clicking on: System Roots and Certificates.
    Thanks for any help.

    If you delete a certificate, the source that gave you the certificate will just offer another one when you authenticate. Certificates are just a way for encrypted connections to establish identity between a client and server. The server will digitally sign a certificate that contains a public key as well as some personal information that's used by the service you're connecting to. Certificates are provided by the service, and can have expiration dates and such.
    Cookies are similar in ways, but they arent as versatile and secure. They're generally used to let your browser keep track of when you last visited a site, perhaps contain a password for the site, and other user settings for a site. Certificates are mainly used for authorizing access to a service.

  • PKI, certificate and keychain.app experts needed!

    Hi all!
    I have the following problem. To verify e-mails signed (qualified in the sense of german signature-laws) the highest german CA-certificate is needed. So I imported this CA-Root-Cerificate into the x.509 keychain in keychain.app. There it is 1) not recognized as a CA-Root-Certificate and 2) it can't be verified.
    Some research discovered that the main difference between this cert and all the other pre-intsalled certs is that it uses the RIPEMD-160 hash-algorithm and not SHA1.
    My question is: Can anybody confirm that RIPEMD-160 is not supported in Mac OS X or does anbody have an idea what is going wrong.
    If anybody needs the german root-ca-cert I can e-mail it!
    Thanks for any help in advance!
    Tom
      Mac OS X (10.4.8)  

    The following are up to date and seem to be connected to the keyboard buffer in some way:  (I had airdisplay, but that is no longer on the drive - I think ML kicked it off the disk when I installed ML).
    TextExpander
    Keyboard Maestro
    Clipboard History
    I've closed them down.  The problem continues.
    I also use Path Finder in which the sticky problem occurs.  If I force quit it once the problem begins, that fixes it, but if I then try dragging in just Finder, the problem returns.  So it's both in Finder and Path Finder that the issue occurs.  I've even relaunched Finder, but that doesn't fix the problem when it has begun.  I also discovered that any kind of drag causes the problem now - every time.  For example, in some app that displayed a table, if I try widening a column by draging the column heading left or right, then the widening/shrinking continues when I let go of the left mouse hold and then just move the mouse, even if it's off the app's window.

  • Valid Cisco VPN certificate in keychain is not found by setup

    My fellow MBP fans!
    Has anyone successfully configured a MBP with 10.6.8 to connect to a Cisco VPN router using the built VPN Client, with certificate authentication? Please how, please!
    The company I work for has recently installed a Cisco RV016 router, to allow us to connect remotely over a VPN connection.
    Setting up this connection has proved so far a total nightmare.
    The router exported a certificate. This I imported into the keychain and placed it in the system folder. The certificate seems to be trusted.
    When setting up the network interfaces in the System preferences, I can add a Cisco IPsec interface. It accepts the IP address of the router, the userid and the password. It then asks for the authentication method. When opting for certificate, you can then browse the certificates installed to pick the right one. However, the facility does not find any certificates, ie the installed certificate is not found.
    Either the certificate is in the wrong place, or in the wrong format, or just plain wrong. The certificate I am trying to use is in .pem format.
    This is what I tried so far, but failed to make any progress.
    - place the certificate in several locations
    - convert the .pem certificate to pk12 or pk7 format, after converting it with openssl
    - reset the router and request a new certificate
    The same credentials work fine on a Windows machine.
    Solving this would mean a lot.

    The legacy VPN-client is not supported under Windows 8.1 and as the client is EOL anounced, it probably will never be supported. You have a couple of options:
    There are some reports on the internet where some people got it working. If you go that way you are still running an unsupported scenario.
    Go the Cisco-way and change to AnyConnect. For that your VPN-gateway needs a nearly complete new VPN-config. But in the long term, that's the way to go.
    Use an alternate client like the one from shrew-soft: https://www.shrew.net/software
    Don't stop after you've improved your network! Improve the world by lending money to the working poor:
    http://www.kiva.org/invitedby/karsteni

  • Unknown certificates in keychain

    I was just messing around, and found 2 certificates I have not noticed before, google is no help when
    searching for them.
    Tamas Sandor /certificate/Feb 23, 2011 5:59:59 /login
    anyone know what this certificate is for? only email I use is mac/me, and gmail.
    The gmail I login into via webmail, could this be a part of gmail?
    Thanks, in advance.

    Yes, if you look under *System Roots* -->certificates in your Keychain you will see all kinds of certificates you do not recognize.

  • Mail automatically adds certificates to Keychain Access. How to disable?

    Is there a way to tell Mail not to automatically store certificates from digitally signed emails (in this case, using Verisign) in Keychain Access?
    The problem is this:
    When the old certificate expires from someone else, I create a new one, and have them send a signed email to my address. Mail then automatically adds the new certificate to my Keychain Access. I then go into Keychain Access and delete the old certificate, so that I can send secure and encrypted messages to them. However, if I go back to one of their saved OLD emails, it automatically adds the old certificate back to my Keychain Access. And when I go to create a new email to them, it often will use that old certificate, which no longer works for them.
    I am looking for a way to better manage this or find out what others are doing out there with the same problem.
    Keychain should have an "archive" section to put old certificates into. These then can be referenced to open old secure and encrypted messages, but not allowed to be used for sending new email.

    Additionally, lets say something happens to your certificate and you need to download it again. In this case, from Verisign. A problem I have run into is when I go to Verisign, I am presented with the option of re-downloading my certificate. If I do this, there is no way on the Mac system that you specify this re-downloaded is your certificate. So I have to download a new certificate and then re-add my certificate to the rest of the employees and get theirs.
    There needs to be an option to select "This is my certificate". Very much like in AddressBook, how you can specify different VCards as your own.

  • Certificate in keychain access problem

    I have obtained three certificates I have to use to access my corporate exchange server and imported them into the login keychain as directed. They do show up in the "certificates" category of the login keychain but not in the "my certificates" category. This is the category that Entourage looks for when allowing me to select a certificate. As a result, I can't select the certificate I need. Any ideas?

    hi,
    you must import the /system/library/keychain/x509anchors first to your keychain app.
    then use #sudo certtool i zetifikat.cer v k=/System/Library/Keychains/X509Anchors to import it to .../x509anchors. (zertifikat.cer ist your certifikate name) import your certificate (in pem-format) to your keychain. if not in pem-format convert it with ms cert manager (in the office folder of the office app). apply alway trust to the certifikate in keychain.
    cheers
    jens

  • HT5012 trusted certificates in Keychain

    I went into my keychains and found some certificates that stated they are trusted and have all access to my apps but they are Turkish, Japanese, Belgium...are these ok?

    I have a similar problem, but only one of the messages is exactly the same. I arrived here in an effort to cure a Time Machine problem, but sure would like to know what these "invalid" and "not to be trusted" certificates mean!

  • Exporting auto-created SSL Certificate using Keychain Access

    Whenever I try, I get:
    "An error has occurred. Unable to export item.
    You fail to provide the necessary administrator authorization."
    Can it be done?

    Got the same problem. It's a mystery to me as well. Happens both at my SL server 10.6.2 at home and at work. I have no idea what is wrong except that it might forget to prompt me. It also doesn't work if I unlock the certificate keychain first.

Maybe you are looking for

  • Itunes will not work at all :(. HELP

    I have done everything i can possibly think of, i have uninstalled, reinstalled.. Uninstalled anything associate with apple and reinstalled and nothing works at all. Everytime i try to open Itunes or Quicktime it says Itunes has encountered a problem

  • Leopard, Parallels and Games

    Anybody here running any games by using Parallels? Like COD4? I am so sick and tired of having to reboot into Bootcamp to play games. I wish Mac and game companies could just get along and release the same games on Mac that are on PC....ARGH!!!

  • SNMP Requests from Solaris

    Hi, I am new to Solaris and have some questions about SNMP. Does Solaris (9,10) include any binaries that allow you to make SNMP request to external equipment such as routers or other SNMP hardware? I am considering the possibility of using a shell s

  • EP7 upgrade to EHp1

    Hi Experts, Currently we have EP7.0(JAVA stack) with SP15 landscape. We are planning to upgrade EHP1 on current system.I went to the SAP standard EHP1 upgrade document but I did not get exact.Do you have an experiance how to upgrade and steps What ar

  • Upload PurchaseOrdertext in material master upto 132 characters

    Hi all , I have written BDC for upload purchaseordertext as earlier have uploaded more than 132 to 250 characters in material master . but now it wont allow upto 132 characters . Give Solution AEAP . Thank u Swapnil