Cloud Services Root CA "not trusted" by MAC OS

book

Article ID: 168863

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

In the MAC OS X environment, you add the downloaded cert as a system keychain

Resolution

Cloud Services Root CA labeled "CertEmulationCA.crt" will not be trusted with manual installation into Keychain Access.  You can fix this via the following process:
  1. Manual Process:
    • Open Keychain Access found in your Utilities folder
      • Then click on "Certificates" or "My Certificates" category
      • Double click the certificate in question. After the panel opens, click on the triangle next to "Trust"
        • Change the drop down from System to "Always Trust"
      • Next, go to the Keychains Menu > Keychain First Aid Select "repair"
      • If any errors appear; rerun until you get a clean pass
      • Restart Safari
  2. Command Line:
    • Terminal Console: sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /Users/Admin/Downloads/CertEmulationCA.crt
      • where "/Users/Admin/Downloads/CertEmulationCA.crt" is the location where your cert is stored