Certificate management under macOS - Keychain

Under Apple macOS, certificates (and other security-relevant information such as logon dates) are stored and managed in a so-called "keychain".

The application can be synchronized with the other Apple devices via the iCloud account, so that a certificate only needs to be installed once on the Apple operating systems (iOS, iPadOS, macOS) and then synchronizes with the other devices (see also Setting up the iCloud keychain).

Importing a certificate

As soon as you have received a certificate file from your service provider (e.g. by e-mail or as a download) ...

... you can simply click on the file (double click).

A p12 file is automatically opened under macOS with the keychain. If the certificate is protected with a password, which is the case with the certificate in the example, you will be asked for the password for the certificate.

If the password matches, the certificate is imported into the keychain.

The certificate is now used for the authentication of the corresponding website.

Calling the page (with installed certificate)

The corresponding page can be called up (in the example the page https://vc.edv-workshops.com). The browser immediately offers you the certificate you have just installed.

Click on OK.

You must now enter the user's keychain password to authorize the certificate to be used for this site. Clicking on "Always allow" would no longer ask for the user's password in the future. Clicking on "Allow" will ask for permission each time the certificate is used. I click on "Always allow".

The page is then displayed (the BigBlueButton web conferencing system in the example).

The certificate is now imported. The workshop is finished.