Exporting a Certificate from Firefox into OS X Keychain

A while ago, I showed you how to get a free certificate from CACert.org. Now I’ll talk about getting that certificate out of Firefox, and importing it into OS X Keychain so that you can use it for secure e-mail. You might want to brush up on how Keychain works if you’ve never used it before.

The first step is removing the certificate from Firefox. Go to Firefox->Preferences and click the “advanced” logo at the top, then the “encryption” tab. Finally, click the “View Certificates” button. You should see a list of all the certificates you have. Unless you went through the trouble of getting your CACert certificate assured, it’ll just say “CACert WoT User”

If you highlight the certificate and click the “Backup…” Button at the bottom, you’ll be asked for where to save the file. You’ll notice at the bottom that the Save As type is PKCS12. This is a common format for transferring both your public and private key between computer systems. You will be asked for a password to protect your private key – this is so that only you can open it when you’re ready. And you will now have a .p12 file wherever you saved it. Since I’m just importing into Keychain, I saved it to my desktop.

Now, you’ve exported your certificate from Firefox, and it’s time to import it into OS X Keychain. This is as simple as double clicking on the file you just saved. The first window you’ll see is a confirmation that you want to import the certificates into your login keychain.

It will ask you for the password that protects the file.

Once you’ve typed in your password, the certificate is now part of OS X Keychain, and can be used by any application that uses Keychain.

Of course, this can be used to export certificates from Firefox into any application or framework that supports P12 files (most do).

Each Tuesday, Security Musings features a topic to help educate our readers about security. For more information about Gemini Security Solutions’ security education capabilities, contact us!