PKI Tutorials - Herong's Tutorial Examples - v2.32, by Herong Yang
Listing of Trusted Root CA in macOS
This section provides a tutorial example on how to see the list of trusted root CA (PKI Certificate Authorities) pre-installed on macOS.
As we learned earlier, the trust of an entire HTTPS Website is based on certificates of trusted root CA (PKI Certificate Authorities).
Before using the Apple browser Apple Safari on my computer to visit any HTTPS Websites, I want to see who are those trusted PKI Certificate Authorities my macOS computer.
1. Click "Launchpad > Other > Keychain Access". The Keychain Access screen shows up.
2. Click "System Roots" keychain, then "Certificates" category on the left pane. A list of all trusted root CA certificates are displayed.
Expiration Root CA 2029-01-01 AAA Certificate Services 2030-09-22 Actalis Authentication Root CA 2021-11-10 Admin-Root-CA 2030-12-31 AffirmTrust Commercial 2030-12-31 AffirmTrust Networking 2033-06-06 ANF Global Root CA 2035-02-10 Apple Root CA 2033-03-12 ApplicationCA2 Root 2031-01-01 Atos TrustedRoot 2011 2030-12-31 Autoridad de Certificacion Firmaprofesional CIF A62634068 2025-05-13 Baltimore CyberTrust Root ...
Table of Contents
Introduction of PKI (Public Key Infrastructure)
Introduction of HTTPS (Hypertext Transfer Protocol Secure)
Using HTTPS with Google Chrome
Using HTTPS with Mozilla Firefox
HTTPS with IE (Internet Explorer)
Android and Server Certificate
Windows Certificate Stores and Console
RDP (Remote Desktop Protocol) and Server Certificate
►macOS Certificate Stores and Keychain Access
What Is Keychain Access on macOS
►Listing of Trusted Root CA in macOS
Exporting Root Certificate to File from macOS
Delete/Untrust Certificates from macOS
Unlock Keychain to Access Certificate on macOS
Import Server Certificates to macOS
Create My Own Root CA on macOS
Review My Root CA Certificate on macOS
Review Private Key of My CA Certificate on macOS
Generate CSR (Certificate Signing Request) on macOS
Issue New Certificate with My CA on macOS
Verify Certificate Signed by My CA on macOS
Keychain File Locations on macOS
CA Certificates at "/etc/ssl | /private/etc/ssl"
Perl Scripts Communicating with HTTPS Servers
PHP Scripts Communicating with HTTPS Servers
Java Programs Communicating with HTTPS Servers
.NET Programs Communicating with HTTPS Servers
CAcert.org - Root CA Offering Free Certificates
PKI CA Administration - Issuing Certificates
Comodo Free Personal Certificate
Digital Signature - Microsoft Word
Digital Signature - OpenOffice.org 3