Before you proceed with actually installing your SSL, please ensure that you generated its CSR, activated and validated the SSL. The issued certificate files can be downloaded from your Namecheap account.
This article describes the process of creating a backup SSL Certificate in MacOS 10.15 as well as the creation of a PFX(p12, PKCS12) formatted certificate. It also features instructions for importing such certificates on the server.
- How to Import Your PFX SSL Certificates
- How to Export Your SSL Certificates
How to Import Your PFX SSL Certificates
In order to import your SSL certificate, it should be available in PFX format. A PFX file is a single, password-protected certificate store that contains the entire certificate chain plus the matching private key. If your certificate is in a different format, you will need to convert it. One option is to use this tool.
Note: The certificate can also be converted using the OpenSSL command, the process of which is described here.
- Go to Finder >> Applications >> Utilities, then locate and open the Keychain Access application from the list.
- In the Keychain Access toolbar, choose File >> Import Items.
In the new window, find the location of your PFX-formatted certificate:Click the Open button to proceed.
Next, you will need to enter the password of your certificate file. The password was specified during the creation of the PFX file. If none was specified, feel free to leave the field blank.Click OK to complete the process.
In the Keychain Access window, located under the Keychains sidebar, click System and then under Category, click Certificates to view the imported certificate.
The imported Certificate, Private key and the Certificates from the CA bundle chain will be available on the list in PEM format.
How to Export Your SSL Certificates
You may need to export your certificate for backup purposes or installation on a separate server. The following is the instructions for this process.
- Open Keychain Access.
Go to Finder >> Applications >> Utilities, then locate and open the Keychain Access application from the list.
- In the Keychain Access window, under the Keychains sidebar, click System and then under Category, click Certificates.
Hold down the command
key and then select your SSL Certificate (e.g. yourdomain.com) and the corresponding Intermediate Certificates (e.g. Sectigo RSA Domain Validation Secure Server CA, USERTrust RSA Certification Authority).
- In the Keychain Access toolbar, choose the File >> Export Items option.
- In the following export window, which opens next, specify the following information:
- In the Save As: field, write the name of the file ending with the .p12 extension, which is another format of a PFX certificate.
- Click the arrow next to the Where box to specify the location in which the file will be saved. Make sure to choose a location that you will remember so you are able to access the file afterwards.
- In the File Format: drop down, make sure to choose the Personal information Exchange (.p12) format.
Click the Save button to proceed to the next step.
- You will be prompted to specify a password for your certificate. Feel free to leave the field empty if you wish:
Note: When you specify the password for the exported certificate and click the "OK" button, you will be prompted to enter the admin username and password of the OS. Once the correct credentials have been entered, you can save the certificate by clicking the "Save" button.
Click the OK button to complete the process. Now your certificate will be available in the location you selected during step 4 of the process (saving the PFX file).
That’s it! If you have any questions, please contact our Support Team.
FAQs
Add certificates to a keychain using Keychain Access on Mac
- In the Keychain Access app on your Mac, select either the login or System keychain.
- Drag the certificate file onto the Keychain Access app.
- If you're asked to provide a name and password, type the name and password for an administrator user on this computer.
How to export certificate from keychain Mac? ›
Export keychain items
- In the Keychain Access app on your Mac, select the items you want to export in the Keychain Access window.
- Choose File > Export Items. ...
- Select a location to save your keychain items, click the File Format pop-up menu, then choose a file type.
- Click Save.
- Enter a password.
How to trust a certificate in keychain? ›
In the Keychain Access app on your Mac, select a keychain from one of the keychains lists, then double-click a certificate. Next to Trust, click the arrow to display the trust policies for the certificate. To override the trust policies, choose new trust settings from the pop-up menus.
How to create your own certificate authority in Keychain Access on Mac? ›
In the Keychain Access app on your Mac, choose Keychain Access > Certificate Assistant > Create a Certificate Authority. Enter a name for the certificate authority. Choose an identity type, then choose the type of user certificate to be issued by the certificate authority.
How do I export and import keychain? ›
Import and export keychain items using Keychain Access on Mac
- In the Keychain Access app on your Mac, choose File > Import Items.
- Navigate to the keychain items file you want to import and select it.
- In the Destination Keychain pop-up menu, choose the keychain you want to import to, then click Open.
Why is my keychain certificate not in my certificates? ›
If the certificate is not in My Certificates then this is most likely because you do not have the correct key for that certificate also on that Mac.
How to export certificate with private key Mac? ›
Using a Mac with the distribution certificate installed:
- Open Keychain Access (Application -> Utilities)
- Click on My Certificates.
- Find the certificate, it'll be named iPhone Distribution: Your Company Name.
- Expand the certificate using the Reveal More arrow.
- Select both the certificate and the private key.
Where are certificates stored on macOS? ›
In the Keychain Access app on Mac, select a keychain, then click either the My Certificates category or the Certificates category to see the certificates in that keychain. Select the certificate you want to view, then click the Info button in the toolbar.
How do I export certificates from key vault? ›
You can export stored certificates in Azure Key Vault by using the Azure CLI, Azure PowerShell, or the Azure portal. Only require a certificate password when you import the certificate in the key vault. Key Vault doesn't save the associated password. When you export the certificate, the password is blank.
Why do I keep getting my certificate not trusted? ›
This error indicates that the SSL certificate is signed or approved by a company that the browser does not trust. That means either the company, known as the certificate authority (CA), is not on the browser's built-in list of trusted certificate providers or that the certificate was issued by the server itself.
Keychain items are transferred from device to device, traveling through Apple servers, but are encrypted end-to-end so that Apple and other devices can't read their contents.
What are certificates in Apple keychain? ›
In macOS, certificates are part of your digital identity and are stored in your keychain. Keychain Access lets you manage your certificates and keychains. Certificates are issued by trusted organizations, such as VeriSign, Inc., or RSA Data Security, Inc.
How do I export certificates from Keychain Access? ›
In the Keychain Access toolbar, choose the File >> Export Items option. In the following export window, which opens next, specify the following information: In the Save As: field, write the name of the file ending with the . p12 extension, which is another format of a PFX certificate.
How do I make a self signed certificate trusted on a Mac? ›
Keychain Certificates
Drag the certificate you copied to the desktop into the list of certificates. After localhost gets added to the System keychain, double-click it to open it again. Expand the Trust section and for the first option, pick Always Trust.
How to use Keychain Access on Mac? ›
To quickly open Keychain Access, search for it in Spotlight, then press Return. See how to open apps. Important: To ensure that passwords and other data stored in your keychain are secure, make sure to set up a login password for your computer. See Change the login password.
How do I import SSL certificates and keys? ›
Click System > System Security. Click Console Certificate. Click Import Certificate and Key. In the Server Certificate File field, browse to and select the certificate file that you want to import.
How to add an SSL certificate in Mac? ›
For Web Services:
- Open Web > Sites.
- Choose the site you want to select the certificate onto.
- Click the Security tab and click the checkbox to Enable Secure Sockets Layer (SSL).
- Choose the certificate.
- At the prompt "Do you want to restart Web now?" Choose Restart.
How do I access certificates on my Mac? ›
In the Keychain Access app on Mac, select a keychain, then click either the My Certificates category or the Certificates category to see the certificates in that keychain. Select the certificate you want to view, then click the Info button in the toolbar. You can also double-click the certificate you want to view.
How do I add a certificate to trusted root on Mac? ›
Install root certificates on Mac
- Click Show Certificates.
- Select, when using this certificate, Always Trust. The Secure Sockets Layer (SSL) and X. 509 Basic Policy trusts update to Always Trust.
- Click Continue.
- Provide your password and click Update Settings.