I am struck with a problem. I installed the p12 certificates once into a MacBookPro and then deleted it, now when I am again trying to install it keychain is simply not accepting the certificate for strange reason.

After some googling, I hit upon this link: http://www.openradar.me/7092640

Which clearly says that there is a bug with Keychain and states a workaround too. But unfortunately I do not have the .pem file, since I have not made a backup of it thinking that p12 file is sufficient (which actually is, if not for this bug!). So how do I get the .pem file so that I can install the certificates back onto the same laptop using this workaround?

Thanks for any suggestions / ideas. Raj

When you request a certificate, your Mac creates a public/private pair that will be used to download the certificate from Apple. This is why you can't download the resulting certificate from another Mac that doesn't have the original pair.

If you deleted the original pair, you have to re-import it first. If you don't have both halves of the pair, you may have request a new certificate from scratch.

If you have the originals and it won't import them to the login keychain, you might try creating a new keychain to use in the account with the "KeyChain Access" utility. If it imports the information, the Mac should be able to find it as long as you leave the new keychain open.

Quoting http://www.openradar.me/7092640:

You can use the 'security' command line tool:

security import priv_key.p12 -k ~/Library/Keychains/login.keychain

security import pub_key.pem -k ~/Library/Keychains/login.keychain

https://stackoverflow.com/a/16847082/14731 contains a similar answer.

1., open Keychain Access. 2., On the Keychains panel right click on login. Select Lock Keychain "login". 3., Then unlock it. Then the import should work.