macOS Keychain Certificates
You can add certificates provided by the Signum agent to the macOS keychain, and remove them again. Adding them is required to use the keys with native tools like Codesign and Productsign.
Use the signum-util tool with the keychain command to add and remove certificates.
Private keys cannot be exported from the HSM.
Adding to Keychain
The signum-util keychain --add command adds all certificates to the keychain:
signum-util keychain --add
Certificate with alias [Signum-RSA-4096] and ID [21] was added successfully to the KeyChain
Once added, the certificate(s) should be listed in the output of sc_auth identities:
sc_auth identities
SmartCard: com.keyfactor.signum.token:21
Unpaired identities:
C08811A3E3E1CA52F4629433E700FA44B42EA701 Signum-RSA-4096
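A build script can make the same check before it calls a signing tool. The following is an added example, not part of signum-util or the Signum documentation: it parses sc_auth identities output and reports only identities under the Signum token. It assumes the output layout shown above; the function names and the second token in the sample are made up for illustration.

```shell
#!/bin/sh
# Added example (not part of signum-util): list the identities that
# `sc_auth identities` reports for the Signum token.

# Token prefix as it appears in the sc_auth output on this page.
SIGNUM_TOKEN_PREFIX='com.keyfactor.signum.token:'

# Reads `sc_auth identities` output on stdin and prints one line per
# Signum identity: <token-id> TAB <hash> TAB <alias>
signum_identities() {
    awk -v prefix="$SIGNUM_TOKEN_PREFIX" '
        # A "SmartCard:" line starts a new token section.
        $1 == "SmartCard:" {
            in_signum = (index($2, prefix) == 1)
            token_id = in_signum ? substr($2, length(prefix) + 1) : ""
            next
        }
        # Identity line: 40 hex characters, whitespace, then the alias.
        in_signum && NF >= 2 && length($1) == 40 && $1 !~ /[^0-9A-Fa-f]/ {
            alias = $0
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", alias)
            print token_id "\t" toupper($1) "\t" alias
        }
    '
}

# Exit status 0 only if the alias is listed under a Signum token.
# Usage on a Mac: sc_auth identities | signum_has_alias Signum-RSA-4096
signum_has_alias() {
    signum_identities |
        awk -F '\t' -v want="$1" '$3 == want { found = 1 } END { exit !found }'
}

# Constructed sample: the output shown above plus a made-up non-Signum
# token (com.example.othertoken) that must be ignored.
sample_output() {
    cat <<'EOF'
SmartCard: com.example.othertoken:AABB
Unpaired identities:
0123456789ABCDEF0123456789ABCDEF01234567 Other-Card-Identity
SmartCard: com.keyfactor.signum.token:21
Unpaired identities:
C08811A3E3E1CA52F4629433E700FA44B42EA701 Signum-RSA-4096
EOF
}

sample_output | signum_identities
```

Matching on the token prefix rather than on the alias alone prevents an identity with the same name on another smart card from satisfying the check.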
Removing from Keychain
To remove certificates from the keychain, run the following command:
signum-util keychain --clear
Signum certificates where successfully removed from the KeyChain
After removal, the certificate(s) are no longer available in the keychain.