Results 1 to 6 of 6
  1. #1

    DreamingFox's Avatar
    Member Since
    Mar 31, 2008
    Posts
    27
    Question Keychain has untrusted certificate
    Hello,

    I'm a week & a half into my new MBP (love it), and in the process of setting up Keychain to manage my passwords.

    I downloaded an update (I *think* it was from apple - sorry, getting old and have CRS disease) that's making me uncomfortable, because when I look in System Keychains, there are a total of six listed in two categories:
    com.apple.kerberos.kdc
    com.apple.systemdefault

    2 are public, 2 are private, and 2 are "certificate".

    The "certificates" are marked with a red X and noted "This root certificate is not trusted".

    Can someone tell me whether I should be worried, and if not, why not?

  2. #2

    DreamingFox's Avatar
    Member Since
    Mar 31, 2008
    Posts
    27
    I guess nobody knows the answer to that question, so how about this one:

    I can enter my password and unlock the System keychain - would it hurt anything to delete the two untrusted certificates?

    They are "self-signed root certificates" that expire 3/26/28.

  3. #3


    Member Since
    Mar 04, 2008
    Posts
    477
    I have them too. I don't really understand what certificates are, so my rule is if I don't know what something is I just leave it alone.

    Too many people just go and delete things they don't know what they are and then things go wrong and they can't log into their computer.

    I have no reason to believe that these files aren't from apple. Especially if you just got your computer, I doubt apple would send it to you with something bad on it out of the box.

  4. #4

    DreamingFox's Avatar
    Member Since
    Mar 31, 2008
    Posts
    27
    Well, I was kind of assuming that they arrived with the add-in I installed (it had something to do with making Keychain easier to use), but if you've got them too, then that rules that out.

    I do find it slightly disturbing that Apple will ship something with untrusted certificates - so far, nearly everything with my Mac experience has been great, and again, I just don't quite get why Apple wouldn't fix this - it seems like it should be easy to do.

    Anyway, thanks for the response.

  5. #5

    skaheadpunk's Avatar
    Member Since
    Jan 12, 2008
    Location
    Leicester, England
    Posts
    1,760
    Specs:
    MacBook, iPod Classic, 8GB 3G iPhone, Time Capsule
    Sorry, did you download this with the Software Update thing?

  6. #6

    Aptmunich's Avatar
    Member Since
    Mar 09, 2004
    Location
    Munich
    Posts
    9,073
    Specs:
    Aluminium Macbook 2.4 Ghz 4GB RAM, SSD 24" Samsung Display, iPhone 4, iPad 2
    Quote Originally Posted by DreamingFox View Post
    Well, I was kind of assuming that they arrived with the add-in I installed (it had something to do with making Keychain easier to use), but if you've got them too, then that rules that out.

    I do find it slightly disturbing that Apple will ship something with untrusted certificates - so far, nearly everything with my Mac experience has been great, and again, I just don't quite get why Apple wouldn't fix this - it seems like it should be easy to do.

    Anyway, thanks for the response.
    Those are both "self-signed root certificates", which AFAIK basically means that using those certificate you can create your own certificates that you (or your system) can sign.

    Either that, or they're just needed by the system for internal signing of things...

    Again, I'm not really sure on this, but I have them as well, so I think you're good just leaving them.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Problem with Firefox 38 Error Message: This Connection is Untrusted
    By schwine1 in forum OS X - Apps and Games
    Replies: 0
    Last Post: 05-12-2015, 02:47 PM
  2. Certificate not recognised
    By monex in forum OS X - Operating System
    Replies: 0
    Last Post: 02-15-2012, 10:41 AM
  3. Untrusted certificates in Keychain
    By Ziza in forum OS X - Operating System
    Replies: 0
    Last Post: 06-06-2011, 09:58 AM
  4. keychain certificate problems
    By iphoneSDKid in forum iOS and Apps
    Replies: 0
    Last Post: 01-02-2010, 03:48 PM
  5. Untrusted zip file
    By beattie41 in forum OS X - Apps and Games
    Replies: 4
    Last Post: 06-10-2007, 06:00 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •