Forums
New posts
Articles
Product Reviews
Policies
FAQ
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Menu
Log in
Register
Install the app
Install
Forums
Apple Computing Products:
macOS - Operating System
keychain questions
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="MotorcycleBetty" data-source="post: 943257" data-attributes="member: 55314"><p>Hello,</p><p></p><p>I've been looking through my Keychain Access for the first time in quite a while, and have some questions I hope somebody can answer for me. </p><p></p><p>My questions are in two areas: the System keychain, and the System Roots keychain.</p><p></p><p>1) In the System keychain, I've got two "self-signed root certificates" that don't expire until March of 2028 and are flagged (marked with a red X) as "not trusted". They are: </p><p>com.apple.kerberos.kdc and </p><p>com.apple.systemdefault</p><p></p><p>Note that there are also corresponding public and private keys for these two certificates that are not flagged. </p><p></p><p>There is also a Dashboard Advisory certificate that isn't flagged, but when highlighted says "This certificate was signed by an unknown authority.</p><p></p><p>Why are certificates from Apple not trusted? Can the certificates be replaced with trustworthy ones? If so, how? </p><p></p><p>2) The System Roots keychain is filled with certificates most of which I don't know where they came from. Some of them aren't even in English. Some of them I recognize as being related to websites I've been, or my domain hosting service, etc., but for the most part, I've got no idea why all these certificates are in this keychain.</p><p></p><p>My questions on these certificates are: can I delete the whole kit & caboodle of them? If not, how do I know which ones I *can* delete?</p></blockquote><p></p>
[QUOTE="MotorcycleBetty, post: 943257, member: 55314"] Hello, I've been looking through my Keychain Access for the first time in quite a while, and have some questions I hope somebody can answer for me. My questions are in two areas: the System keychain, and the System Roots keychain. 1) In the System keychain, I've got two "self-signed root certificates" that don't expire until March of 2028 and are flagged (marked with a red X) as "not trusted". They are: com.apple.kerberos.kdc and com.apple.systemdefault Note that there are also corresponding public and private keys for these two certificates that are not flagged. There is also a Dashboard Advisory certificate that isn't flagged, but when highlighted says "This certificate was signed by an unknown authority. Why are certificates from Apple not trusted? Can the certificates be replaced with trustworthy ones? If so, how? 2) The System Roots keychain is filled with certificates most of which I don't know where they came from. Some of them aren't even in English. Some of them I recognize as being related to websites I've been, or my domain hosting service, etc., but for the most part, I've got no idea why all these certificates are in this keychain. My questions on these certificates are: can I delete the whole kit & caboodle of them? If not, how do I know which ones I *can* delete? [/QUOTE]
Verification
Post reply
Forums
Apple Computing Products:
macOS - Operating System
keychain questions
Top