1

I'm trying to import .p12 certificate into the keychain on my mac via bash script. So far, I've been trying:

  1. sudo security import command. It returns that import was successful but, in fact, it never gets imported into any keychain.
  2. sudo security add-certificates -k /Library/Keychains/System.keychain certificate.p12

it throws the following error:

Password: SecCertificateCreateFromData: Unknown format in import.

The only thing that worked for me was the .cer format via this command: sudo security add-certificates -k /Library/Keychains/System.keychain certificate.cer. It does import the certificate into the keychain and I can see it in the keychain access.

But I only have .p12 certificates. Could anyone help me with that one, please?

ArtemNovikov
  • 111
  • 2

1 Answers1

0

You will need to convert it to .pem format first. You can do so with openssland then try and import it.

To convert the certificate, you can use this command

$ openssl pkcs12 -in certificate.p12 -out certificate.pem -passin pass:[password]
sseLtaH
  • 2,706
  • 1
  • 6
  • 19
  • Thanks, it works! But how do I pass the import password via command itself? So that I didn't have to enter it in the terminal I can't find it in my keychain access for some reason by the way – ArtemNovikov Sep 17 '22 at 17:16
  • @ArtemNovikov Please check edit – sseLtaH Sep 17 '22 at 17:17
  • yeah, thanks, figured it out. But I can't see the imported certificate in my keychain access. When I try to import it again, it says `certificate.pem: already in ~/Library/Keychains/login.keychain` – ArtemNovikov Sep 17 '22 at 17:25
  • @ArtemNovikov It would seem you already have a cert in the directory. Move it elsewhere then try the steps again to add the cert. – sseLtaH Sep 17 '22 at 17:31
  • I manually deleted it from the keychain access before trying these steps with converting to .pem and importing again. Maybe there's something wrong with command I use to import? I'm trying it this way: `sudo security add-certificates -k ~/Library/Keychains/login.keychain certificate.pem` – ArtemNovikov Sep 17 '22 at 17:41