WiFi and VPN certs into System Keychain

Cayde-6
Valued Contributor

Hi all,

Originally on high Sierra our WiFi and VPN certs belonged in the system keychain bit since 10.13.4 roughly they started to appear in the login keychain.

The User login keychain gets deleted following a password reset using the FV2 recovery key method.

Are there other people in a similar position?

How do I get these certificates back into the system keychain?

2 REPLIES 2

cprimero
New Contributor III

How are the certs handed out? via config profile?

Ultimately if you are looking to do this via script you can use /usr/bin/security.
If you do a 'man security', you will find the export and import arguments and move the certs between the 2 keychains
/Users/$loggedinuser/Library/keychains/login.keychain.db
to
/Library/Keychains/System.keychain

Cayde-6
Valued Contributor

They are installed from a generated configuration profile for each device