Keychain Access exported .pem certificates cannot be re-imported

Originator:haikusw
Number:rdar://7092640 Date Originated:7.24.2009
Status:Open Resolved:
Product:Mac OS X Product Version:10.5.7
Classification:Data Loss Reproducible:Always
 
Summary:   Creating a Certificate authority signing request (Keychain Access, Certificate Assistant: "Request Certificate from Certificate Authority") generates a public/private key pair. If you export the public key (.pem format) and the private key (.p12 format) and then you delete them both from the keychain.  If you then try to import the exported versions (via drag and drop or import menu item) the public key cannot be imported and Keychain Access gives the following error:  "An error has occurred.  Unable to import an item.  The contents of this item cannot be retrieved."

If you import the .p12 file you get a password prompt (no prompt text though) and then you get the same error, but it does actually seem to have successfully imported the private key (appears in the list and seems correct).

switching the order of importing the two files does not seem to change the behavior.


this is a _serious_ problem as I now have certificates I can't get back into my keychain and use.

Comments

Still doesn't work on Yosemite

6 years later and still it's an issue on OS X Yosemite.

Importing from command line worked fine, thx for the workaround.

thank you for this workaround

I have to develop the same app in two different places regularly, and the cert import (by keychain) just doesn't work. thank you to this workaround method. it is 2013 May 21st and this is still in-need and useful.

By kitthaman at May 21, 2013, 2:41 a.m. (reply...)

Let's have a nice round of sarcastic clapping for Apple....

Apparently still an issue as of 2012-03-14--2.6 years later! Workaround still effective. Thanks Dave!

Work-around provided by Dave K.

You can use the 'security' command line tool:

security import priv_key.p12 -k ~/Library/Keychains/login.keychain

security import pub_key.pem -k ~/Library/Keychains/login.keychain

this seems to work here. Thanks Dave!


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!