Adding a Self-signed Certificate to Mac OS X

This tutorial, based on Mac OS X 10.6 Snow Leopard, adds SSL certificates in order to facilitate connections to servers, specifically the local RADIUS server at GAA. To add a self-signed server certificate to a Mac, first transfer the ‘.crt’ file onto your Mac.

Click on the ‘.crt’ file to open the keychain, where you can import the ‘.crt’ file. A window pops up asking if you trust the certificate. Click on “Always Trust” only if you are certain of the origin of the ‘.crt’ file.

You will then be prompted for your username and password to allow the ‘.crt’ file to be added to your keychain.

After entering your username and password, you will be redirected to the Keychain Access program which will now show a newly added certificate. You can close Keychain Access and now you will be able to connect to, and fully trust, the server for which the ‘.crt’ file was given.

What is this certificate stuff for? Just in case you’re wondering, the certificate acts as a unique identifier for the server. It verifies that the server you are connecting to is actually the real server that you should be connecting to. This helps prevent man-in-the-middle (MITM) attacks which can compromise your security.