- Joined
- May 7, 2008
- Messages
- 24
- Reaction score
- 0
- Points
- 1
Hello,
I've been looking through my Keychain Access for the first time in quite a while, and have some questions I hope somebody can answer for me.
My questions are in two areas: the System keychain, and the System Roots keychain.
1) In the System keychain, I've got two "self-signed root certificates" that don't expire until March of 2028 and are flagged (marked with a red X) as "not trusted". They are:
com.apple.kerberos.kdc and
com.apple.systemdefault
Note that there are also corresponding public and private keys for these two certificates that are not flagged.
There is also a Dashboard Advisory certificate that isn't flagged, but when highlighted says "This certificate was signed by an unknown authority.
Why are certificates from Apple not trusted? Can the certificates be replaced with trustworthy ones? If so, how?
2) The System Roots keychain is filled with certificates most of which I don't know where they came from. Some of them aren't even in English. Some of them I recognize as being related to websites I've been, or my domain hosting service, etc., but for the most part, I've got no idea why all these certificates are in this keychain.
My questions on these certificates are: can I delete the whole kit & caboodle of them? If not, how do I know which ones I *can* delete?
I've been looking through my Keychain Access for the first time in quite a while, and have some questions I hope somebody can answer for me.
My questions are in two areas: the System keychain, and the System Roots keychain.
1) In the System keychain, I've got two "self-signed root certificates" that don't expire until March of 2028 and are flagged (marked with a red X) as "not trusted". They are:
com.apple.kerberos.kdc and
com.apple.systemdefault
Note that there are also corresponding public and private keys for these two certificates that are not flagged.
There is also a Dashboard Advisory certificate that isn't flagged, but when highlighted says "This certificate was signed by an unknown authority.
Why are certificates from Apple not trusted? Can the certificates be replaced with trustworthy ones? If so, how?
2) The System Roots keychain is filled with certificates most of which I don't know where they came from. Some of them aren't even in English. Some of them I recognize as being related to websites I've been, or my domain hosting service, etc., but for the most part, I've got no idea why all these certificates are in this keychain.
My questions on these certificates are: can I delete the whole kit & caboodle of them? If not, how do I know which ones I *can* delete?