Error Getting Keychain Handle Certtool
Gary Robinson
my new iBook, I created a new Keychain and thus lost any custom certificates. After 3 days, clicking through 4 warnings every time you start up mail.app becomes annoying, even on http://www.lists.apple.com/archives/macos-x-server/2004/Mar/msg01051.html a jiffy G4. The solution however, is surprisingly simple (much simpler than I recall at least from the previous time.) Make sure you have your certificate in a plain textfile, for instance http://blog.gargleblaster.org/2004/11/15/import-ssl-certificate-into-keychain-os-x.html imapcert.crt.
#sudo /usr/bin/certtool i imapcert.crt v k=/System/Library/Keychains/X509Anchors
...certificate successfully imported.
That’s all folks! Credits go to: whoopis.com Update 9 mar 05 In my current Panther Server this method fails,
***Error getting keychain handle : SecKeychainGetDLDBHandle: SecNoSuchKeychain
Googling and ADC doesn’t bring up anything helpfull. However,drag’n’drop does work as well. Just throw your .crt on the keychain.app and make sure you select X509 anchors to import to. I really think mail.app should handle this properly instead of f (bad word) around with keychain.app © Merlijn Tishauser 2016 Follow: TwitterGithub
search in one of my setsExclude this search from one of my sets http://markmail.org/message/szyu43d2tbqeyoxe 2 messages in com.omnigroup.macosx-adminRe: certtool problemFromSent OnAttachmentsJános LöbbJan 15, http://ask.metafilter.com/8317/Mail-certificate-in-Mac-OS-X-103 2004 9:15 am János LöbbJan 16, 2004 8:52 am Subject:Re: certtool problemFrom:János Löbb (jano...@yale.edu)Date:Jan 16, 2004 8:52:37 amList:com.omnigroup.macosx-adminFolks, I am still having problems with certtool. I booted into OSX Server 10.3 /Developer version/. Enabled root. Opened a terminal window as root and error getting tried to follow the steps in http://developer.apple.com/server/security_ssl.html I am still getting errors when I try to create a keychain with certtool patha246:~ root# certtool c k=/private/var/root/Library/Keychains/certkc ***Error getting keychain handle At this point I opened Keychain Access and created the keychain via the GUI. I also tried to import the error getting keychain previously created .pem file into the newly created certkc keychain via the GUI, but I got an error dialog: "An error occurred. Unable to import an item. -2147411890" Then I went back to certtool and tried patha246:~ root# certtool i /private/var/root/newreq.pem k=certkc ***Error getting keychain handle I also tried with the full path: patha246:~ root# certtool i /private/var/root/newreq.pm k=/private/var/root/Library/Keychains/certkc ***Error getting keychain handle What am I doing wrong ? Is the article right ? Is there anyone outta there who succeeded using it? Thanks ahead, János Who went back to reading man pages On Jan 15, 2004, at 12:15 PM, János Löbb wrote: Folks, I am trying to follow the article at http://developer.apple.com/server/security_ssl.html to setup a certificate I do not do it as root, but as an admin. When I get to the point of creating a new keychain, I am getting an error: Janos:~ janos$ certtool
MetaFilter querying the hive mind Log In Sign Up MetaFilter AskMeFi FanFare Projects Music Jobs IRL MetaTalk More Best Of Podcast Chat Labs Search MetaFilter… Menu Home FAQ About Archives Tags Popular Random Mail certificate in Mac OS X 10.3? June 28, 2004 8:05 PM Subscribe How do I PERMANENTLY install a mail certificate in MacOS X 10.3? (more inside...) I have an IMAP mail account that requires a certificate in order to send mail through the server. The annoying part is that every time I quit mail.app, it apparently forgets that I accepted the certificate already, and the next time I try to send mail I have to re-install the certificate. Granted, it only takes a mouse click, but I'd rather not have to do it every time.... I've checked all the usual suspects (MacOSXHints, Google...) but haven't found a satisfactory answer. posted by 40 Watt to Computers & Internet (5 answers total) Oh god, I was just wrestling with this in Thunderbird osx. I have a mail server with a certificate on the host's domain, but not mine, so it asks me for verification every single time. I hope someone has a good answer for this one.posted by Hackworth at 9:01 PM on June 28, 2004 Try searching Mac OS X help for "import certificate." In short, drag the certificate file onto Keychain Access.posted by kindall at 9:25 PM on June 28, 2004 Kindall, I tried that already. Didn't seem to do anything. At least, I still have to click to install the fershlugginer certificate every time. On preview, I just got an email from a good friend of mine who isn't a MeFi member and thus, can't post himself...but here's the gist of it: Saw this: http://ask.metafilter.com/mefi/8317 Here is what you need to do: cd /tmp/ curl -O [insert URL of certificate here] cd ~/Library/Keychains/ cp /System/Library/Keychains/X509Anchors . certtool i /tmp/CA.crt k=X509Anchors sudo mv X509Anchors /System/Library/Keychains/. ...then restart your mail reader/web browser. You should be golden. This should also work with any certificate and any application, for all users. (The first two lines get the certificate. The rest install it.) Customized from: http://www.macosxhints.com/article.php?story=20030124064421978 I'll try it out and see how it goes.posted by 40 Watt at 9:52 PM on June 28, 2004 well, that didn't seem to work. I got: ***Error getting keychain handle grr.posted by 40 Watt at 9:58 PM on June 28, 2004 whoops. OK, never mind. missed a step. That's what I get for poking around in ther Terminal after bedtime. *sheepish grin* OK, works like a charm. I'm goin' to bed.posted by 40 Watt at 10:12 PM