3

Recently Apple posted an announcement, according to this the intermediate certificate got expired on Feb 14th and has to be downloaded manually and should replace the older expired certificate in the System keychain.

I am unable to delete the existing certificate from the Keychain, leave alone importing the new one. How do I delete the old one and replace it with the new one? enter image description here

Steps already followed: https://stackoverflow.com/a/35406327/1781918

Community
  • 1
  • 1
Anuj Rajput
  • 836
  • 9
  • 30

4 Answers4

6

I figured out how to resolve this issue.

First, I enabled the root user in my system

OS X Lion (10.7) and later

  1. From the Apple menu choose System Preferences.
  2. From the View menu choose Users & Groups.
  3. Click the lock and authenticate as an administrator account.
  4. Click Login Options.
  5. Click the "Edit" or "Join" button at the bottom right.
  6. Click the "Open Directory Utility" button.
  7. Click the lock in the Directory Utility window.
  8. Enter an administrator account name and password, then click OK.
  9. Choose Enable Root User from the Edit menu.
  10. Enter the root password you wish to use in both the Password and Verify fields, then click OK.

In the terminal, I logged in as root user

  1. Open Terminal
  2. Type su and then press Enter
  3. Enter the password you just set for the root user above. This will log you in as the root user
  4. Type cd /Library and then press Enter
  5. Type chmod 777 Keychains/. This will change folder permissions for the Keychains folder
  6. Now open the Keychain Access App and delete the Apple Worldwide Developer Relations Certification Authority certificate from the System keychain
  7. Import the renewed Intermediate certificate in your login keychain
  8. Close the Keychain Access app

Although, the certificate which you just deleted will appear again in the System keychain but all your other Developer and Distribution certificates will become valid again.

Make sure you set back the Keychains folder permission back to 755

chmod 755 Keychains/

Anuj Rajput
  • 836
  • 9
  • 30
  • 2
    This is a great answer and should get lots and lots of up-votes!! I've been struggling with this forever now - thanks. Apple really did a number on us with this one... – o.shnn Feb 25 '16 at 09:26
0

The error message says "Operation not permitted". So you don't have the necessary access right. To solve this click on the lock in the upper left corner of the keychain and enter your password.

Lock in the keychain window

After you entered your credentials you should be able to delete the old certificate.

audience
  • 2,412
  • 21
  • 18
  • To perform any action in the Keychain, this is the first thing which needs ti be done. It prompts for user credentials if the keychain is locked. No, this is not the solution – Anuj Rajput Feb 19 '16 at 17:59
  • So your lock is open like on my screenshot? Have you tried to open the new certificate in the keychain to overwrite the old one? – audience Feb 19 '16 at 18:02
  • It shows an error "An error occured. Unable to import 'Apple worldwide Developer Relations Certification Authority'. Error: 100001" when I try to overwrite it by dragging the new certificate file. Yes, the lock is open – Anuj Rajput Feb 19 '16 at 18:04
  • I think it's a permission problem. Do you have administration rights on your system? – audience Feb 19 '16 at 23:08
  • It's my personal system. I am the only administrator of the system – Anuj Rajput Feb 20 '16 at 01:50
  • Sorry. I have no other idea, where the error comes from. – audience Feb 22 '16 at 07:49
0

I was able to delete the certificate by first viewing the expired certificate in system keychain and then deleting them. Then rechecking if the certificate was deleted from the certificate keychain as well. Then downloading new certificate and installing them. This might help you.

Community
  • 1
  • 1
Nikhil Lihla
  • 607
  • 6
  • 21
0

https://discussions.apple.com/thread/7357200?start=0&tstart=0

As you can see in the above link, some keys cannot be deleted while the OS is running in full mode, and you need to boot in recovery mode.

Boof
  • 1