Mac Tutorials - Herong's Tutorial Examples

∟Keychain Access - Certificate Manager

∟Keychain File Locations on macOS

This section provides a tutorial example on how to find Keychain file locations on macOS computers.

Keychain is a great tool to manage certificates on Mac computers. Normally you don't need to know those certificates are stored and where they are stored.

Most PKI-based applications designed to run on Mac computers knows how to access certificate managed by Keychain. Safari Web browser is a good example.

If you really want to know where Keychain files are stored on your Mac computer, here some guidelines to help you finding them:

1. Certificates in "login" Keychain - login.keychain-db stored in ~/Library/Keychains/ in your home directory.

herong$ sudo ls -l ~/Library/Keychains/

drwx------  11 herong  staff     374  1EE865BD-E71B-57E4-8E7D-BD7119D2B5BB
-rw-r--r--   1 herong  staff   30272  Test.keychain-db
-rw-r--r--@  1 herong  staff  499876  login.keychain-db
-rw-r--r--   1 herong  staff  354188  login.keychain-db.sb-9e03cdb4-HH8NvQ
-rw-------   1 herong  staff  154336  metadata.keychain-db

2. Certificate in "System" Keychain - System.keychain stored in the /Library/Keychains/ directory.

herong$ sudo ls -l /Library/Keychains

-r--r--r--@ 1 root  wheel      0  .fl043D1EDD
-r--r--r--  1 root  wheel      0  .fl947E1BDB
-rw-r--r--  1 root  wheel  88664  System.keychain
-rw-r--r--@ 1 root  wheel  65944  apsd.keychain

3. Certificate in "System Roots" Keychain - SystemRootCertificates.keychain stored in the /System/Library/Keychains/ directory.

herong$ sudo ls -l /System/Library/Keychains/

-rw-r--r--  1 root  wheel    6814  EVRoots.plist
-rw-r--r--  1 root  wheel  385940  SystemRootCertificates.keychain
-rw-r--r--  1 root  wheel   91756  SystemTrustSettings.plist
-rw-r--r--  1 root  wheel  282984  X509Anchors

However, some PKI-based applications are designed to run on the Linux system that supports the Mac computer. They do not use certificates that are managed by keychain. See the next tutorial for examples.

Table of Contents

 About This Book

 Macintosh OS (Operating System) History

 macOS Operating System

 macOS File Systems

 macOS Network Connections

 System and Application Processes

 Keychain Access - Password Manager

►Keychain Access - Certificate Manager

 Using Keychain Access as Certificate Manager

 Listing of Trusted Root CA in macOS

 Exporting Root Certificate to File from macOS

 Delete/Untrust Certificates from macOS

 Import Server Certificates to macOS

 Create My Own Root CA on macOS

 Review My Root CA Certificate on macOS

 Review Private Key of My CA Certificate on macOS

 Generate CSR (Certificate Signing Request) on macOS

 Issue New Certificate with My CA on macOS

 Verify Certificate Signed by My CA on macOS

 Manage Keychains with Commands

►Keychain File Locations on macOS

 CA Certificates at "/etc/ssl | /private/etc/ssl"

 Productivity Tools on macOS

 Programming Tools on macOS

 Apache Web Server on macOS

 Develop and Run Java Applications

 Full Version in PDF/EPUB

Keychain File Locations on macOS - Updated in 2023, by Herong Yang