I use three Macs for development of a web application. On each of the Macs (macOS 14.4) I used mkcert
to install a local CA and to issue developer certificates (all separately). Accessing the web app with https://localhost:8080
works fine on two Macs with all browsers, but on one Mac Safari claims to have another root CA for localhost which it does not trust. And I cannot override the trust settings.
Using Keychain Access I do not find this certificate. Safari shows it like this:
Scrolling down I can see DNS Names localhost, localhost.localdomain and lvl.me, so I suspect it is a leftover from trying to install a root CA before using mkcert.
The mkcert
certificate looks like this and I can see it in the System keychain:
So Safari complains and I cannot tell it to trust the server certificate as the CA does not fit (I think). Firefox and Chrome open the website just fine after warning me and me telling them to do so.
I tried to find the wrong CA using Keychain Access and Terminal (security find-certificate -a -c localhost
, security find-certificate -a -c lvh
...) but in vain.
Where can I find this certificate and how can I delete it?