Mac Tutorials - Herong's Tutorial Examples - v3.08, by Herong Yang
Verify Certificate Signed by My CA on macOS
This section provides a tutorial example on how to verify certificate signed with my private key and my root CA certificate on macOS using Keychain Access.
After issue Joe's certificate with my root CA, I want to verify details of the certificate.
1. Click "Keychain Access > File > Import Items" menu. The file selection dialog box shows up.
2. Select "joe.pem" to import it into Keychain Access.
3. Open "login" keychain and "Certificates" category. "Joe Doe" certificate is listed there.
4. Double click "Joe Doe" certificate to open it. Details of the certificate show up.
Subject: Joe Doe Issuer: Herong Yang's CA Signature: ECDSA Signature with SHA-256 ( 1.2.840.10045.4.3.2 ) Algorithm: RSA Encryption ( 1.2.840.113549.1.1.1 ) Public key: DB 55 6B E6 BA 38 87 56 A9 B5 11 04 09 0C 56 E9 ... Usage: Digital Signature ...
5. Open "login" keychain and "Keys" category. I see Joe's public and private key pair listed there. This is because I generated the CSR on him behalf. I should send the key pair back to him, so he can sign or encrypt documents.
Table of Contents
Macintosh OS (Operating System) History
System and Application Processes
Keychain Access - Password Manager
►Keychain Access - Certificate Manager
Using Keychain Access as Certificate Manager
Listing of Trusted Root CA in macOS
Exporting Root Certificate to File from macOS
Delete/Untrust Certificates from macOS
Import Server Certificates to macOS
Create My Own Root CA on macOS
Review My Root CA Certificate on macOS
Review Private Key of My CA Certificate on macOS
Generate CSR (Certificate Signing Request) on macOS
Issue New Certificate with My CA on macOS
►Verify Certificate Signed by My CA on macOS
Manage Keychains with Commands
Keychain File Locations on macOS
CA Certificates at "/etc/ssl | /private/etc/ssl"