By Louis Pelosi | Tue, 05/04/2021 - 14:21

How to import and export certificate-key pairs using the macOS Keychain.

Apple's macOS includes a built-in key and password manager, Keychain, which stores user passwords, user and server certificates, and keys.  Certain applications, including the Safari web browser, use this centralized Keychain for storing and retrieving certificate information in lieu of maintaining their own, separate certificate repositories.  One must use the macOS Keychain in order to add a certificate-key pair to, remove from, or export certificate-key pairs from Safari and other, similar applications.

To import your certificate-key pair:

  1. Open the Keychain Access utility (Applications -> Utilities)
  2. Choose File -> Import items ...
  3. Browse to the location of your P12 format certificate file, and click Open.  You will be prompted for your key pair's export password.
  4. You may also be prompted whether to automatically trust certificates issued by your certificate authority or CA. To trust and install your certificate, click Always Trust.

Once imported, your certificate-key pair will appear under both the Certificates and Keys categories in the Keychain Access utility.

To export your certificate-key pair:

  1. Open the Keychain Access utility (Applications -> Utilities)
  2. Select your certificate or key from the Certificates or Keys category, and do one of the following:
    • Choose File -> Export items ...
    • Right-click, and choose Export [your name]'s ID ...
  3. In the Save As field, enter a new name for the exported item, and click Save.  You will be prompted to enter a new export password for the item.