Keychain: "certificate signed by an untrusted issuer"

Discussion in 'macOS' started by seleneS, Aug 26, 2011.

  1. seleneS macrumors member

    Joined:
    Jul 28, 2010
    #1
    I see that warning in red in my keychain, it's issued by Token Signing Public Key. What is this? Should I delete it?
     
  2. wackymacky macrumors 68000

    wackymacky

    Joined:
    Sep 20, 2007
    Location:
    38°39′20″N 27°13′10″W
    #2
    What is using the token? Is in an OS service, an app, or a external soruce?

    It comes down to do you trust the source.
     
  3. seleneS thread starter macrumors member

    Joined:
    Jul 28, 2010
    #3
    I don't know what is using the token. It says "Key Usage: Encrypt, Verify, Wrap, Derive" under the "Public Key Info" and something about "Usage: Digital Signature, Key Encrpherment".

    Issuer Name is "Token Signing Public Key", and I have no idea what it is.
     
  4. r0k macrumors 68040

    r0k

    Joined:
    Mar 3, 2008
    Location:
    Detroit
    #4
    Certificate security is a big mess. Some companies spend the time and trouble to get their keys set up properly. Many do not. I get certificate and ssl warnings all the time. Deleting a key because it is red may cost you access to something you need but didn't realize it. And guess what? Your Mac generates a key for you and it turns out you are the untrusted authority keychain access is complaining about. I have two certificates in my keychain. They BOTH say they were signed by an unknown authority. Big whoop. I don't choose to delete them. One is my mobile me key. It was generated for me by Apple yet it shows up as unknown. The other is something to do with my iPhone. Again it shows up as unknown.

    Put the delete button down. Back away from keychain access. Put out those torches. Put down those pitchforks. Put down those feathers. You can keep the tar. :D
     

Share This Page