Skip to main content

Certificate in Keychain Access.app Marked as Not Trusted

Updated over 3 weeks ago

Issue Description

Certificates are installing correctly into the system keychain, but are marked as not trusted.

Troubleshooting Steps

Ensure that the full chain of trust for the certificate has also been installed along with the desired certificate. The root and intermediate(s) certificates are required if the certificate chain includes them.

To view the certificate chain:

  1. Open Keychain Access.app and select the untrusted certificate from the System Keychain.

  2. In the menu bar navigate to Keychain Access > Certificate Assistant > Evaluate "<certificate name>"...

  3. In the new pane that opens, keep "Generic (certificate chain validation only) selected and press Continue.

  4. In the next window click the "Show Certificate..." button and you will be presented with the certificate chain.


Related Articles
How do I deploy Carbon Black Cloud with Jamf School?
FileVault Configuration Profile Certificate in Jamf Pro
Mobile Device Configuration Profile Restrictions in Jamf Pro
Expired Signing Certificate Message in Jamf School
Strong Certificate Mapping - Microsoft Registry Workaround to Use Compatibility Mode
Did this answer your question?