equinux VPN Tracker 6.4.6 User Manual

Importing Certificates

Certificates can be imported into a Mac OS X keychain using any of the usual
certificate formats (PEM, DER, PKCS#7, PKCS#12). To import a certificate, simply
double-click the certificate file, or choose “File > Import Items...” in Keychain
Access.

If the certificate contains a private key and the certificate file is protected by a
password, you will be asked for this password:

If the certificate contained a private key, you will see both the certificate and
its private key in the list after importing. A combination of a certificate and its
private key is called an identity in Mac OS X.

If only the public part of the certificate was imported, you will see only the
certificate listed after importing.

Importing Certificate Authorities

Importing a certificate authority works the same as importing a regular cer-
tificate. After importing, you will be asked if you want to trust this certificate
authority. If you choose “Always Trust”, certificates signed by this certificate
authority will be trusted automatically in the future.

Certificate Authorities (CAs) on Mac OS X 10.4 Tiger

On Mac OS X 10.4, certificate authorities must be placed in the X.509 An-
chors keychain. It is not possible to set certificate authorities as trusted that
are not in this special keychain.

Checking a Certificate’s Trust

Keychain Access easily lets you see if a given certificate is trusted, and if not,
why not. Simply select the certificate and examine the top part of the Key-
chain Access window (if the details are not visible, use “View > Show Sum-
mary” to display them):

71