Re: [Fed-Talk] Keychain.app certs and X509
Re: [Fed-Talk] Keychain.app certs and X509
- Subject: Re: [Fed-Talk] Keychain.app certs and X509
- From: "Timothy J. Miller" <email@hidden>
- Date: Tue, 20 Feb 2007 08:49:07 -0600
David Emery wrote:
I've seen various tutorials on how to cert-enable a Mac, in particular
to load the DoD certs so that I don't get prompted to accept the cert
every time I try to access Army AKO for example. My problem is that on
my machine (MacBook Pro X.4.8), what I see doesn't correspond with what
the tutorials say I should see.
> In particular with the system keychains open, I do NOT see the X509
> entry that I'm expecting in the pop-up menu. See attached, or the same
> picture's available at http://www.olimpia.com/x509-awol.jpg
Put the root CAs into X509Anchors, which is already there. DoD CLASS 3
Root CA is already in this keychain, but DoD Root CA 2 is not.
The issuing subordinate CAs can go in any keychain you have loaded.
They can go in your login keychain, for instance. You only need to put
them into X509Certificates if you want them shared between multiple
accounts (without loading them into each account's login keychain
separately) but then each user will still need to add X509Certificates
into the keychain list.
-- Tim
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden