MacOS – Broken login.keychain, what now

Tags: keychain, macos

I recently moved computers, and since then I can no longer import certificates into my login keychain. I have:

  • Tried using Keychain First aid
  • Tried running reset password in recovery mode to reset permissions
  • Tried running disk first aid and resetting permissions

None of these have helped. I still get [UNIX]Permission Denied when I try to import.

So I tried a few other experiments:

  • I tried deleting old passwords from the keychain. That worked fine.
  • I made a new keychain, development, and imported the certificate there. That worked fine too.

So for whatever reason, something is wrong with my login keychain. Is there a way to export everything and re-import into a new copy? I looked on the Apple web site, but it's hopelessly out of date.

Best Answer

I hope this helps someone in the future:

The list of keychains, notably login.keychain, is stored in ~/Library/Preferences/com.apple.security.plist

The system.keychain and similar are found in /Library/Preferences/com.apple.security.plist

If those files have wonky permissions, you'll have problems doing anything. Even if the keychain files themselves are fine, if the OS is unable to edit those two files it just silently fails in weird ways. Notably, Keychain Access will keep forgetting about the whole login chain, and anything you add or remove from it.

This same problem may apply to the keychain itself; if you can't save to it, you likely have wonky permissions.

Note that it appears Disk Utility does not fix this, although I don't know why. It seems you have to manually fix this. You can do this by doing a Get Info on a root folder and reapplying permissions. In my case the problem was that the Owner was wrong because I moved the files from another machine.
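The ownership problem the answer describes can be checked before reaching for Get Info. The script below is an added example, not part of the original answer: it reports whether each keychain-related file is owned by the logged-in user, using the two plist paths named above plus the default keychain directory (the ~/Library/Keychains location is an assumption, as is the POSIX-style `find ! -user` check, which works on both macOS and Linux).

```shell
#!/bin/sh
# check_owner FILE [USER]: prints ok / mismatch / missing for FILE.
# Returns 0 when FILE is owned by USER (default: the current user),
# 1 on an ownership mismatch, 2 when the file does not exist.
check_owner() {
    file=$1
    user=${2:-$(id -un)}
    if [ ! -e "$file" ]; then
        echo "missing: $file"
        return 2
    fi
    # -maxdepth 0 inspects only FILE itself (not a directory's contents);
    # the test prints the path only when it is NOT owned by $user.
    if [ -n "$(find "$file" -maxdepth 0 ! -user "$user" 2>/dev/null)" ]; then
        echo "mismatch: $file is not owned by $user"
        return 1
    fi
    echo "ok: $file"
    return 0
}

# audit_keychain_perms [USER]: walks the paths from the answer above plus
# the assumed keychain directory, then lists any file under that directory
# with a foreign owner (the symptom after copying a home folder between
# machines). Returns 0 only when every path checked out.
audit_keychain_perms() {
    user=${1:-$(id -un)}
    status=0
    for f in \
        "$HOME/Library/Preferences/com.apple.security.plist" \
        /Library/Preferences/com.apple.security.plist \
        "$HOME/Library/Keychains"; do
        check_owner "$f" "$user" || status=1
    done
    if [ -d "$HOME/Library/Keychains" ]; then
        # Any entry printed here is a candidate for chown to the current user.
        find "$HOME/Library/Keychains" ! -user "$user" 2>/dev/null \
            | while read -r bad; do echo "mismatch: $bad"; done
    fi
    return $status
}
```

Run `audit_keychain_perms` as the affected user; a mismatch on either plist or on the keychain directory matches the failure mode described in the answer, and fixing the owner (not just the mode bits) is what resolves it.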