Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Delete X509 Anchor certificates via Keychain Access System
If you've ever followed the instructions in one of these hints to add an X509 anchor ... and later regretted the fact, you might have looked for a way to delete the certificate. If, like me, you searched in vain for a way to do so, this hint is for you.

It's really quite simple. In Keychain Access (in /Applications: Utilities), select "Add Keychain� from the File menu. Maneuver your way to /System/Library/Keychains, and add X509Anchors. (You shouldn't need X509Certificates.) Once you've added the keychain, it'll appear in the drawer. Select it, and you can view any of the certificates. You can manage these certificates the same way you would those on any other keychain. Specifically, to delete a certificate, just click on it and hit the Delete button. Keychain Access will probably ask you for your own password.

Note that there's no need to unlock the keychain, as it's stored unencrypted on disk. Indeed, if you attempt to unlock it, you won't be able to supply a valid password. Presumably, Apple should recognize unencrypted keychains and disable the Unlock button for them.
    •    
  • Currently 2.40 / 5
  You rated: 5 / 5 (5 votes cast)
 
[22,319 views]  

Delete X509 Anchor certificates via Keychain Access | 2 comments | Create New Account
Click here to return to the 'Delete X509 Anchor certificates via Keychain Access' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Why delete X509 Anchor certificates?
Authored by: Brock Lee on Jan 31, '05 01:35:30PM

If you've ever followed the instructions in one of these hints to add an X509 anchor ... and later regretted the fact, you might have looked for a way to delete the certificate.

Would you please explain why you regretted having added an X509 anchor? What are the non-obvious implications of doing that?

Thanks!



[ Reply to This | # ]
Why delete X509 Anchor certificates?
Authored by: TrumpetPower! on Feb 01, '05 12:35:47PM

Would you please explain why you regretted having added an X509 anchor?

Simple. I created my own certificate authority...and screwed up when I created it. Hardly surprising since it was the first I ever created. It's also not too surprising that I didn't realize my mistrakes until after I had installed it as an X509 anchor.

Cheers,

b&



[ Reply to This | # ]