How to Extract Root CA certificates from Websites to Use in Mobile Apps

Last updated January 30, 2022 by Appdome


Extracting a Root CA from a website can be useful in situations where the CA certificate must be viewed, validated, or installed on another device.

This Knowledge Base article summarizes the simple steps needed to extract Root CA certificate for future use.

We hope you find it useful and enjoy using Appdome!

Extracting a single Root CA for a specific website using Chrome browser

This section explains the steps needed to extract a Root CA certificate for a single website. We will use as an example.

1.  Use chrome browser to open the required website, for ex.


2. Click on the lock icon on the left of the website address and then on the “Valid” word under Certificate:


3. In the newly opened window, switch to “Details” tab:

4. In the details tab, select the top certificate in the Certificate Hierarchy (make sure the scrollbar is all the way up). Press “Export…” button on the bottom to export the Root CA certificate.

5. Save the certificate file.

Extracting all CA certificates from MAC

This section explain the steps needed to extract all CA certificates from a MAC workstation

  1. Open Finder
  2. Go to Applications -> Utilities -> Keychain Access
  3. Select System Roots

4. Click on the top entry, scroll down to the bottom of the list and click on the bottom entry while holding “Shift” button on your keyboard. This will select all of the certificates:

5. Right click on the selected list and choose “Export XYZ items…” while XYZ is the number of certificates installed on your system:

6. Save the certificates in easily accessible folder, for ex. “Certificates.pem” in the “Documents” folder as suggested by default:

7. Now we have all certificates saved in a single file. Next, we need to split the certificates so each certificate is in a separate file. Open Finder again and go to Applications -> Utilities -> Terminal

8. Type:


in our example it is

cd Documents

9. Copy & paste the following command into the terminal to split the certificates into separates files:

mkdir Certificates && csplit -n5 -k -f Certificates/cert Certificates.pem '/END CERTIFICATE/+1' {99999}

10. Now you should have “Certificates” directory with certXXXXX files while XXXXX is the certificate index.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Have a question?

Ask an expert

YoniMaking your security project a success!