Posts Tagged certificate

Delete certificates from System Roots in Keychain Access on Mac

Before you start deleting certificates from System Roots in your Keychain Access, make sure that you know what you are doing as you can harm your mac if you will delete some essential certificates.

You have been warned 🙂

1. Reboot mac in recovery mode (Hold cmd+R) during restart

2. Start terminal and switch off System Integrity Protection running the command

csrutil disable

3. Reboot in normal mode

4. Start keychain access and find the certificates you want to delete, check its name or unique fingerprint (Right click -> Get info -> Common name or SHA1)

5. Use command line below to delete the certificate using common name:

sudo security delete-certificate -c Common-Name /System/Library/Keychains/SystemRootCertificates.keychain

Or command line below if you are using SHA1 (delete all the spaces in SHA1 fingerprint before running the command)

sudo security delete-certificate -Z SHA1-fingerprint /System/Library/Keychains/SystemRootCertificates.keychain

6. Reboot your mac in recovery mode again (Hold cmd+R)

7. Start terminal and switch on System Integrity Protection running the command

csrutil enable

8. Reboot in normal mode

, , , , , , , , ,

Leave a comment

Setting SSL certificate for Google App Engine

Help on the topic can be found here: https://cloud.google.com/appengine/docs/python/console/using-custom-domains-and-ssl

Telling long story shortly:

1. Generate key & signing request with the command

openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr

2. Send “server.csr” file to your favorite certificate issuer and receive .crt files

3. Convert your private key into the format google requires:

openssl rsa -in myserver.key -out private.key.pem

4. Concatenate all .crt file into one

cat www_example_com.crt ASecureServerCA.crt ATrustCA.crt ATrustExternal.crt > public.crt

5. Upload public.crt & private.key.pem in google cloud console

6. Map your certificate with the website and enjoy.

, , ,

1 Comment