Help

WiFi and VPN certs into System Keychain

Cayde-6
Release Candidate Programs Tester

Posted on ‎02-26-2019 10:58 AM

Hi all,

Originally on high Sierra our WiFi and VPN certs belonged in the system keychain bit since 10.13.4 roughly they started to appear in the login keychain.

The User login keychain gets deleted following a password reset using the FV2 recovery key method.

Are there other people in a similar position?

How do I get these certificates back into the system keychain?

2 REPLIES 2

cprimero
New Contributor III

Posted on ‎02-26-2019 11:25 AM

How are the certs handed out? via config profile?

Ultimately if you are looking to do this via script you can use /usr/bin/security.
If you do a 'man security', you will find the export and import arguments and move the certs between the 2 keychains
/Users/$loggedinuser/Library/keychains/login.keychain.db
to
/Library/Keychains/System.keychain

0 Kudos

Cayde-6
Release Candidate Programs Tester

Posted on ‎02-26-2019 12:55 PM

They are installed from a generated configuration profile for each device

0 Kudos