Skip to main content

Certificate in Keychain Access.app Marked as Not Trusted

Updated over a month ago

Issue Description

Certificates are installing correctly into the system keychain, but are marked as not trusted.

Troubleshooting Steps

Ensure that the full chain of trust for the certificate has also been installed along with the desired certificate. The root and intermediate(s) certificates are required if the certificate chain includes them.

To view the certificate chain:

  1. Open Keychain Access.app and select the untrusted certificate from the System Keychain.

  2. In the menu bar navigate to Keychain Access > Certificate Assistant > Evaluate "<certificate name>"...

  3. In the new pane that opens, keep "Generic (certificate chain validation only) selected and press Continue.

  4. In the next window click the "Show Certificate..." button and you will be presented with the certificate chain.


Related Articles
FileVault Configuration Profile Certificate in Jamf Pro
Mobile Device Configuration Profile Restrictions in Jamf Pro
Expired Signing Certificate Message in Jamf School
Internet Tethering on locked iPads with no Network Connection in Jamf School
Testing Jamf Safe Internet Deployment
Did this answer your question?