Mac Tutorials - Herong's Tutorial Examples - v3.08, by Herong Yang
Generate CSR (Certificate Signing Request) on macOS
This section provides a tutorial example on how to create a CSR (Certificate Signing Request) with auto-generated private/public key pair on macOS using Keychain Access.
With my own root CA certificate created, now I am in business to issue new certificates for others that are signed by my root CA.
Normally, if John from the Internet wants me to issue a certificate for him, he has to generate a CSR (Certificate Signing Request) by himself and sent it to me for signing.
But if he has no tools to generate a CSR, I can generate one on his behalf.
1. Click "Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority" menu. The Certificate Assistant dialog box shows up.
2. Enter the following and click "Continue".
User Email Address: joe.doe@gmail.com Common Name: Joe Doe CA Email Address: herong_yang@yahoo.com Request is: [x] Saved to disk [ ] Let me specify key pair information
3. Enter the following and click "Continue".
User Email Address: joe.doe@gmail.com Common Name: Joe Doe CA Email Address: herong_yang@yahoo.com Request is: [x] Saved to disk [ ] Let me specify key pair information
4. Specify "joe.csr" as the CSR file name in "~/temp" folder and click "Save".
Now I can send a copy of "joe.csr" to Joe for him to keep.
Table of Contents
Macintosh OS (Operating System) History
System and Application Processes
Keychain Access - Password Manager
►Keychain Access - Certificate Manager
Using Keychain Access as Certificate Manager
Listing of Trusted Root CA in macOS
Exporting Root Certificate to File from macOS
Delete/Untrust Certificates from macOS
Import Server Certificates to macOS
Create My Own Root CA on macOS
Review My Root CA Certificate on macOS
Review Private Key of My CA Certificate on macOS
►Generate CSR (Certificate Signing Request) on macOS
Issue New Certificate with My CA on macOS
Verify Certificate Signed by My CA on macOS
Manage Keychains with Commands
Keychain File Locations on macOS
CA Certificates at "/etc/ssl | /private/etc/ssl"