I was doing some testing in macOS Certificate assistant to create my own CA. Is there a way to delete the CA created as I was just testing something with it but cannot find out how to get rid of the CA from Certificate Assistant. I've already done the following:
-Removed certs from Keychain Access
-Deleted the $USER/Library/Application Support/Certificate Authority/TEMP CA/ folder.
TIA
D
ddeacon wrote:
Well I figured out what is going on on my own here. A bit of a bug or weird design intent in Certificate Assistant when you have no CAs. It seems once you set something as the default CA you can't remove it from Certificate Assistant unless you have at least one other CA present. Looks like current behaviour is once you created a CA and set it as default, you from then on need a default CA so you have to have another CA to set as default. I did this to verify:
Assumes you have no other CAs at the start.
Create a CA Called "Test CA 1"
Then to remove it:
In Keychain Access Delate the certs for "Test CA 1"
Delete the $USER/Library/Application Support/Certificate Authority/Test CA 1/ folder
Notice in Certificate assistant "Test CA 1" is still present.
Create "Test CA 2" and make it default.
Close Certificate Assistant and reopen it and "Test CA 1" is now gone. Catch it now you can't get rid of "Test CA 2"
You can submit your findings to Apple engineers as feedback or a bug report: http://www.apple.com/feedback
ddeacon wrote:
Well I figured out what is going on on my own here. A bit of a bug or weird design intent in Certificate Assistant when you have no CAs. It seems once you set something as the default CA you can't remove it from Certificate Assistant unless you have at least one other CA present. Looks like current behaviour is once you created a CA and set it as default, you from then on need a default CA so you have to have another CA to set as default. I did this to verify:
Assumes you have no other CAs at the start.
Create a CA Called "Test CA 1"
Then to remove it:
In Keychain Access Delate the certs for "Test CA 1"
Delete the $USER/Library/Application Support/Certificate Authority/Test CA 1/ folder
Notice in Certificate assistant "Test CA 1" is still present.
Create "Test CA 2" and make it default.
Close Certificate Assistant and reopen it and "Test CA 1" is now gone. Catch it now you can't get rid of "Test CA 2"
You can submit your findings to Apple engineers as feedback or a bug report: http://www.apple.com/feedback
Well I figured out what is going on on my own here. A bit of a bug or weird design intent in Certificate Assistant when you have no CAs. It seems once you set something as the default CA you can't remove it from Certificate Assistant unless you have at least one other CA present. Looks like current behaviour is once you created a CA and set it as default, you from then on need a default CA so you have to have another CA to set as default. I did this to verify:
Assumes you have no other CAs at the start.
Create a CA Called "Test CA 1"
Then to remove it:
In Keychain Access Delate the certs for "Test CA 1"
Delete the $USER/Library/Application Support/Certificate Authority/Test CA 1/ folder
Notice in Certificate assistant "Test CA 1" is still present.
Create "Test CA 2" and make it default.
Close Certificate Assistant and reopen it and "Test CA 1" is now gone. Catch it now you can't get rid of "Test CA 2"
ddeacon wrote:
I was doing some testing in macOS Certificate assistant to create my own CA. Is there a way to delete the CA created as I was just testing something with it but cannot find out how to get rid of the CA from Certificate Assistant. I've already done the following:
-Removed certs from Keychain Access
-Deleted the $USER/Library/Application Support/Certificate Authority/TEMP CA/ folder.
TIA
D
Through the Keychain.app (?)
Where do I keep my certificates?
"Digital identities, including certificates, are stored in your keychain. This makes them available for use by applications such as Mail and Safari. Certificates for others (mail correspondents, web sites, etc.) are also stored in your keychain as your computer obtains them for you. You can use Keychain Access (located in Applications > Utilities) to view and manipulate your certificates. You can freely move and copy certificates (as distinct from their associated private key) because they don’t contain personal or private information that you need to protect. It is fine to have several copies of one certificate. If you need to send a certificate to someone else, you can export it using Keychain Access and send it safely through email or by other means. Likewise, if someone sends you a certificate, you can add it to your keychain by dropping it onto Keychain Access, or using File > Import Items… menu in Keychain Access."
See if there is anything here—
Create your own certificate authority in Keychain Access on Mac - Apple Support
Create self-signed certificates in Keychain Access on Mac - Apple Support
Can't find Certificate Assistant i… | Apple Developer Forums
ddeacon wrote:
I already deleted the certs from the Keychain. I’m looking to delete the Certificate Authority from Certificate Assistant.
Q: Deleting or modifying personal certificate authority - Apple ...
if no insight or resolve—Call Customer Support (800) MY–APPLE (800–692–7753)
or on line Apple Support
I already deleted the certs from the Keychain. I’m looking to delete the Certificate Authority from Certificate Assistant.
Delete a CA from Certificate Assistant
