Error -2147415740 from Keychain when importing a root CA certificate
Running "openssl x509 -inform pem -in cacert.pem -text" shows the certificate as valid, and specifically:
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (8192 bit)
Modulus (8192 bit):
I've seen a few other reports of this, and it seems to be tied to the certificate being signed with an 8192 bit key. Asking the company to change to a lower key to sign the certificate is not a possibility, as it would require redistribution across a high number of machines to work around what appears to be an OS X specific bug. Does anyone know a workaround?
Out of curiosity, I took the certificate and imported it successfully into an iBook running OS X 10.4.0. The certificate continues to work all the way up to 10.4.8, but breaks once Security Update 2006-007 or 10.4.9 is applied. The certificate is also imported just fine on an iPad running iOS 4.2.1.
For now, I have to avoid using any Apple provided tools, and many 3rd party OS X programs, negating the benefit of using OS X and an iMac.
iMac 27 inch, Mac OS X (10.6.5)