Applies to: Centrify DirectControl On Mac OS X
- When attempting to deliver a certificate to the Mac OS X keychain via group policy, the certificate does not appear in the keychain.
- When attempting to manually import a certificate into the Mac OS X keychain, the import fails with: Error -67762
By default, Mac OS X does not allow certificates that are 8192 bits long to be imported due to potential performance issues.
Manually allow longer certificates to be imported.
- Open up terminal.app located in /Applications/Utilities/Terminal.app
- For OS X 10.9 and above, type the following command into Terminal and hit return:
sudo defaults write /Library/Preferences/com.apple.security RSAMaxKeySize -int 8192
- For OS X 10.8 and below, type the following command into Terminal and hit return:
sudo defaults write /Library/Preferences/com.apple.crypto RSAMaxKeySize -int 8192
- Reboot the machine
- Try to import the certificate again. If the certificate is being delivered via Group Policy, an adgpupdate will need to be performed in the Terminal.