Home > News Tips

How to Trust a Certificate on Mac? (Root/Website/Self-signed)

Updated on Wednesday, January 3, 2024

iBoysoft author Jenny Zeng

Written by

Jenny Zeng
Professional tech editor

Approved by

Jessica Shee

English Français Deutsch やまと Español Português

How to Trust a Certificate on Mac? (Root/Website/Self-signed)

When you visit a website, your computer will communicate with the server that hosts the website and ensure its certificate is issued by a trusted third-party certificate authority (CA) and is functioning properly.

If it's self-signed, from an untrusted CA, missing or expired, you'll encounter a warning message like "Your connection is not private," which may prevent you from accessing the website.

However, if you're certain a website's certificate is reliable, you can manually change the certificate trust settings to regain access to it, especially for self-designed certificates. Here, we'll explain how to trust a certificate on Mac, no matter whether it's self-designed, a root certificate, or other types of website certificate.

Table of Contents:

How to trust a certificate on Mac?

To trust a certificate on Mac, you need to download and install it on the Keychain Access app first. It is a built-in tool for managing certificates, keys, passwords and security notes. If you have already installed the certificate, jump to step 3. 

If you haven't, consider downloading it from a trustworthy resource. Or, if you're using Google Chrome and have received the warning "Your connection is not private," you can follow the steps below to view or download the certificate on Mac.

Step 1: How to download untrusted website certificate from Chrome:

  1. Open the website whose certificate you want to trust.
  2. Click the red warning sign on the left side of the address bar.
  3. Select "Certificate is not valid."
    Check certificate on Chrome
  4. Click Details > Export, then save it to a desired directory.
    Download certificate on Chrome

 Warning: Be reminded that you should only trust certificates from a trustworthy website because you may risk your personal information and security otherwise.

Step 2: Then you can install the certificate on Mac with the following steps:

(These steps are based on macOS Ventura and may be slightly different on other macOS versions.)

  1. Open Finder, then launch Keychain Access from the Applications > Utilities folder.
  2. Select "System" in the lefthand column.
  3. Click File > Import Items.
    Import certificate on Mac
  4. Select the certificate and click Open.
    Add a certificate on Mac

Step 3: After it's installed, you can trust the certificate on Mac with the steps below:

  1. In Keychain Access, click the Certificates tab and search for your certificate in the search bar. (If you're unclear about its name, you can look for files with a red x icon.)
    Find the certificate on Mac
  2. Double-click the certificate and expand the Trust section.
  3. Select "Always Trust" in the box next to "When using this certificate."
    How to trust a certificate on Mac
  4. Close the window.
  5. Enter your administrator password to save the change.

Hopefully, you are now clear about how to trust a website certificate on Mac. If you think the steps are helpful, share it with more users.

 

This root certificate is not trusted on Mac?

This root certificate is not trusted message

Root certificates are used to verify the authenticity of other digital certificates, including SSL certificates. If you see the message "This root certificate is not trusted," you can trust the root certificate on Mac using the Keychain Access app, as mentioned above.

How to trust root certificate on Mac:

  1. Open the Keychain Access app from the Applications/Utilities folder.
  2. Go to the category "Certificates" and find the untrusted root certificate.
  3. Double-click it and expand the "Trust" section.
  4. Set the "When using this certificate" to "Always Trust."
  5. Click the red cross to exit the window and enter your admin password to save the modfication.

 

FAQs regarding how to trust a certificate on Mac

A

If your certificate is not trusted on Mac, it usually means that it's expired, missing, self-signed, or signed by a untrusted third-party certificate authority.

A

You can add a certificate to trust store with the following steps:
1) Download the certificate.
2) Open KeyChain Access from the Applications/Utilities folder.
3) Select "System."
4) Drag and drop the certificate into Keychain Access and enter your admin password.

A

Here are the steps to find the TrustStore path on Mac:
1) Open Finder, click Go > Go to Folder.
2) Type "/System/Library/Security/Certificates.bundle/Contents/Resources/TrustStore.html" and hit Enter.
3) Open TrustStore.html to view all the trusted root certificates on your Mac. (The Trust Store version number is in the upper-right corner of the page.)