PKI Tutorials - Herong's Tutorial Examples

∟macOS Certificate Stores and Keychain Access

∟Unlock Keychain to Access Certificate on macOS

This section provides a tutorial example on how to unlock locked keychain in Keychain Access. You need to lock and unlock 'login' keychain resolve 'the user name or passphrase you entered is not correct' error.

By default, there are 4 keychains in macOS. 2 of them, "login" and "Local Items" are unlocked. 2 of them, "System" and "System Roots" are locked.

Sometime you may want to unlock a locked keychain so that you can access and update certificates in the keychain easily.

1. Select the keychain you want to unlock. For example "System".

2. Click the "lock" icon on the top left corner.

3. Enter your password or (Admin password) to unlock it.

You can repeat the same process to lock an unlocked keychain.

Sometimes, you may get "the user name or passphrase you entered is not correct" error, when trying to perform a Keychain Access task. It could be a result of your login password is out of synch with the keychain password. You can lock the "login" keychain and "unlock" it again to resolve the error.

Table of Contents

 About This Book

 Introduction of PKI (Public Key Infrastructure)

 Introduction of HTTPS (Hypertext Transfer Protocol Secure)

 Using HTTPS with Google Chrome

 Using HTTPS with Mozilla Firefox

 HTTPS with Microsoft Edge

 Using HTTPS with Apple Safari

 HTTPS with IE (Internet Explorer)

 Android and Server Certificate

 iPhone and Server Certificate

 Windows Certificate Stores and Console

 RDP (Remote Desktop Protocol) and Server Certificate

►macOS Certificate Stores and Keychain Access

 What Is Keychain Access on macOS

 Listing of Trusted Root CA in macOS

 Exporting Root Certificate to File from macOS

 Delete/Untrust Certificates from macOS

►Unlock Keychain to Access Certificate on macOS

 Import Server Certificates to macOS

 Create My Own Root CA on macOS

 Review My Root CA Certificate on macOS

 Review Private Key of My CA Certificate on macOS

 Generate CSR (Certificate Signing Request) on macOS

 Issue New Certificate with My CA on macOS

 Verify Certificate Signed by My CA on macOS

 Keychain File Locations on macOS

 CA Certificates at "/etc/ssl | /private/etc/ssl"

 Perl Scripts Communicating with HTTPS Servers

 PHP Scripts Communicating with HTTPS Servers

 Java Programs Communicating with HTTPS Servers

 .NET Programs Communicating with HTTPS Servers

 CAcert.org - Root CA Offering Free Certificates

 PKI CA Administration - Issuing Certificates

 Comodo Free Personal Certificate

 Digital Signature - Microsoft Word

 Digital Signature - OpenOffice.org 3

 S/MIME and Email Security

 PKI (Public Key Infrastructure) Terminology

 Archived Tutorials

 References

 Full Version in PDF/EPUB

Unlock Keychain to Access Certificate on macOS - Updated in 2022, by Herong Yang