I'm just in the process of doing all this. I managed to import the Root CA 2
into X509Anchors, but now I'm having trust issues. How do I get OS X to
bless this bad boy?
Trust issues in what way and in which app?
Frex, Keychain Access needs a relaunch when you add a new root to
X509Anchors; the UI elements don't get updated otherwise.
Some apps use their own certificate trust lists, even if they're
keychain-aware (there are more roots in X509Anchors than you probably
want to trust all the time); these lists will have to be edited.
Anything using NSS (Mozilla, Firefox, Thunderbird, etc) aren't
keychain-aware at all and need to have the roots added to their own cert
store.
PS - for those of you that go to GDS and see only the base64 version of the
new root. This is the command I used to decode it:
If you rename it .cer or .pem instead of .base64 it should launch
Keychain Access from Finder without recoding to DER format. Keychain
Access is already associated with those file extensions and it
understands both ASN.1 encodings.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/fed-talk/email@hidden
This email sent to email@hidden
