Backing Up and/or Moving Certificates in Mac OS X
This procedure is useful for:
Backing up your certificates to data storage media, such as CDs or flash drives, or to secure online storage, such as WebSpace.
Moving your certificate files to other computers and devices where you want to sign or encrypt data.
Exporting certificates from the Mac OS X Keychain
Treat the files that you export as very sensitive data. You are exporting both your public and private keys. If someone else has access to your private keys, they can attach your electronic signature or encrypt files with your information.
In the Finder, open Utilities and then open Keychain Access.
Select your signing and encryption certificates from the list of displayed keychain items.
From the File menu, select Export.
Enter the name of the file you are exporting and select the P12 format.
Choose the location and filename destination where you want to export your certificate and click Next.
When prompted, create a password for the certificate files.
Be sure that you create a password that you will be able to remember at a later date or that you can store it in a separate location that is also secure. The password will be required to move the files to another computer or device or if you ever have to use the files to restore your certificates.
If you are creating a backup copy
There are several options for storing your backup copy of your certificates. You can:
Use portable media, such as a flash drive. Save the files to the drive and then store the flash drive in a secure location, such as a locked file cabinet or a safe.
Use a CD. Write the files to the CD and then store the CD in a secure location, such as a locked file cabinet or a safe.
Save the certificate files to a folder in WebSpace, which is considered to be very secure. Make sure that you save them in a folder that is not readable by an other person or group.
Remember that you MUST have the password you created in step 6, above, in order to use the backups.
Please do not ask anyone else, such as desktop support staff, to store the backup copies of your certificates for you. It is a security risk to allow someone else to have access to the private keys that are included in the backup files.
If you are moving the files to another device or computer
There are several options for moving your certificate files from one machine to another. You can:
Use portable media, such as a flash drive. Save the files to the drive in the first computer and then move the flash drive to the other computer.
Use a CD. Write the files to the CD and then move the CD to the other computer.
Email the certificate files to yourself from the first computer, and then open the email on the other computer. You can save the files the way you would any other attachment.
Save the certificate files to a folder in WebSpace, which is considered to be very secure. Make sure that you save them in a folder that is not readable by an other person or group. You can log into WebSpace on each computer where you want to install the certificates.
On each computer where you move the certificates, you must save the files to the operating system certificate store and then configure the programs where you want to use the certificates.
Last updated December 10, 2012 @ 2:55 pm