Cannot export private key from System.keychain with Keychain Access or command line
I'm trying to export a private key from System.keychain in Keychain Access. I've tried running Keychain Access as a root. No matter what, I always get the following error.
When I try to export the private key via the command line I get the following.
security: SecKeychainItemExport: The contents of this item cannot be retrieved.
Most likely, your key was imported with -x
option for security import
:
<...> -x Specify that private keys are non-extractable after being imported. <...>
When you try to export a key, Security Framework checks whether this attribute is set and refuses to export the key.
Of course, the key is still there and you might be able to find a way to extract it (see this question).