Add client certificate to keychain on macOS

From SNIC Documentation
Revision as of 13:19, 16 November 2020 by Jens Larsson (NSC) (talk | contribs)
Jump to: navigation, search


Most applications on macOS (previously named OS X) uses Keychain, the operating system certificate store, to avoid forcing users to add/import the certificate in all applications where it's used.

This procedure describes how to add a client certificate to the login Keychain using the Keychain Access utility.

The common reason for having to do this is having used the Firefox web browser to obtain a client certificate and you wish to make it available to other applications (for example Safari and Cyberduck).

As an alternative to export from Firefox and adding the exported certificate to the Keychain you can simply request an additional certificate using the Safari web browser, which stores it directly into the Keychain.


  • Launch Keychain Access by opening Finder and navigating Applications -> Utilities -> Keychain Access
  • Make sure the login keychain is selected.


  • Import Items... on File menu.


  • Locate the certificate backup made from Firefox or other web browser.


  • Enter the password chosen backup time which protected the certficate and key backup.


  • If successful, the imported certificate should appear in the list of certificates for the login keychain.


< Requesting a grid certificate using the Sectigo SSO Portal