I believe that some of the programs I downloaded in the past have installed some root certificate authorities on my Mac (the OS is Mavericks). After learning more about SSL/TLS, I figure that this is a security risk and I want to fix it. How do I distinguish these CAs from the ones preinstalled with the OS so that I can get rid of them?
Find out which certificate authorities do not come with the system
keychainssl
Related Question
- Chrome showing the site’s security certificate is not trusted for GitHub
- IMac – iTunes Producer unable to get password from the keychain
- MacOS – the root CAs stored on OS X
- IOS – “err_certificate_invalid” for only one host, on only one device, but in all browsers
- Why is the Turkish Government in the computer
- IOS – How to find out which cipher suites an iOS application uses
- Why are these corporate certificates pre-installed and is it safe to delete/“Never Trust” most/all of them
Best Answer
The list of trusted roots in Mavericks can be found here: http://support.apple.com/kb/HT6005
However, I'm not actually aware of a way to modify the "System Roots" keychain, so any new certificate authorities installed would appear in either the System or Login keychains.