Skip to main content

Command line interface to macOS keychains and Security framework.

# To list the available keychains:
security list-keychains

# To delete a specific keychain:
security delete-keychain <path>

# To create a keychain:
security create-keychain -p <password> <name.keychain>

# ---

# To dump the contents of the System Root Certificates Keychain:
sudo security dump-keychain /System/Library/Keychains/SystemRootCertificates.keychain

# To delete a System Root Certificate by its SHA-1 hash value:
sudo security delete-certificate -Z <sha1_value> /System/Library/Keychains/SystemRootCertificates.keychain

# To list all installed certificates for a given Keychain (or the System Keychain if run as root and no Keychain is specified):
security find-certificate -a | awk -F'"' '/labl/{print $4}'