Can't import public key into OSX Keychain

Its a bug in OSX. You can import from the command line as per this answer:

https://stackoverflow.com/a/11979625/59198

The command is:

security import pub_key.pem -k ~/Library/Keychains/login.keychain

You'll then need to rename the key in keychain.app


The certificate actually contains a copy of the public key (along with a name, and a signature from the certificate authority saying that name and that public key go together). Normally you don't need to deal with the public key as a separate item if you're using a certificate-based system like SMIME. If you wanted to, you could extract a copy of the public key from the certificate using the openssl x509 command.

(I wonder if Keychain is refusing to import the public key because it thinks it already has a copy, in the certificate? Keychain's error messages are usually pretty vague.)


A .p12 file can hold your key pair. You'll be prompted for a password if it contains your private key. Keychain will show the private key in a nested way. If imported correctly it should show under 'My Certificates'.