ERR_CERT_AUTHORITY_INVALID exception on Mac

PeculiarVentures / fortify

Fortify enables web applications to use smart cards, local certificate stores and do certificate enrollment. This is the desktop application repository.

https://fortifyapp.com

Other

114 stars 32 forks source link

ERR_CERT_AUTHORITY_INVALID exception on Mac #475

Closed microshine closed 2 years ago

microshine commented 2 years ago

Fortify adds Fortify Local CA certificate into the trusted list of KeyChain. But certificate is not trusted after that

microshine commented 2 years ago

Fortify uses the next terminal commands to remove/add SSL certificate

sudo security delete-certificate -c "Fortify Local CA" /Library/Keychains/System.keychain    
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/.fortify/ca.pem

Looks like fortify@1.8.3 has got the problem with admin privileges. It uses sudo-prompt module.

microshine commented 2 years ago

Executing of add-trusted-cert via sudo-prompt prints the next message

Error: Command failed: security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/.fortify/ca.pem SecTrustSettingsSetTrustSettings: The authorization was denied since no user interaction was possible.

microshine commented 2 years ago

The issue appears to be the same as: https://github.com/jorangreef/sudo-prompt/issues/137

donskov commented 2 years ago

Should be resolved in https://github.com/PeculiarVentures/fortify/releases/tag/1.8.4.