Wednesday, December 8, 2010

Import electronic certificate into OSX Keychain for Safari & Chrome

By mistake I've used Safari for obtaining a public key certificate from a website that was designed for Firefox or Internet Explorer. At the end of the procedure I've downloaded a file (descargarCert) but the certificate was not installed in the Keychain. I assume that Firefox should recognize the certificate's format and install it automatically, but Safari did not.
After some googling I've discovered that the X.509 certificate formatted as PEM file, and Keychain needed DER.
  • First split the long lines of the original file, with less than 75 chars per line;
  • Then run:
       openssl pkcs7 -inform PEM -in descargarCert -outform DER -out certificate.der -print_certs
  • Lastly import the certificate into the Keychain by opening the output file: certificate.der

No comments:

Post a Comment