How do I get an AAI/Insight Self Signed HTTPS Certificate Trusted on macOS?
1. Pull the cert over to Mac from AAI or insight server by opening a terminal session on your Mac and running:
openssl s_client -connect <aai/insight server name>:<HTTPS Port><<<'' | openssl x509 -out AAI.cert
For example for an AAI server named "aaiserver" which was configured to run HTTPS on port 8443, you would run the following and the certificate file will get copied to the directory where you run the command from:
openssl s_client -connect aaiserver:8443<<<'' | openssl x509 -out AAI.cert
2. Open the Keychain Access App by hitting Command + Space together and search for Keychain Access.
3. Drag cert file from the directory where you ran the command in step 1 into the System->Certificates folder in the Keychain Access app.
4. Find the cert in the list of Certificates and if it is marked with an x, double click it.
5. Expand where it says “Trust” on top, and select “Always Trust”
6. Attempt to access AAI or Insight Websites again.
Note this will only work for access to the Terma website and not the AAI Java Client.