How to Extract Root CA certificates from Websites to Use in Mobile Apps

Last updated April 17, 2023 by Appdome


Extracting a Root CA from a website can be useful in situations where the CA certificate must be viewed, validated, or installed on another device.

This Knowledge Base article summarizes the simple steps needed to extract Root CA certificate for future use.

We hope you find it useful and enjoy using Appdome!

Extracting a single Root CA for a specific website using Chrome browser

This section explains the steps needed to extract a Root CA certificate for a single website. We will use as an example.

  1. Use Chrome browser to open the required website, for ex.
  2. Click on the lock icon on the left of the website address and then on the row Connection is secure.
  3. Click on the Show certificate (arrow) icon on the right of the row Ceritificate is valid.
    Screenshot 2023 01 08 At 18.05.12
  4. In the newly opened window, switch to Details tab.
  5. Use the Details tab to select the top certificate in the Certificate Hierarchy (make sure the scrollbar is all the way up).
  6. Click Export… on the bottom to export the Root CA certificate.
  7. Save the certificate file.

Extracting all CA certificates from MAC

To extract all CA certificates from a MAC workstation:

  1. Open the Spotlight search.
  2. Enter Keychain Access.
  3. Select System Roots
  4. Click on the top entry, scroll down to the bottom of the list and click on the bottom entry while holding “Shift” button on your keyboard. This will select all of the certificates:
  5. Right-click the selected list and select the Export command, as shown below.
  6. Save the certificates in easily accessible folder, for example Certificates.pem in the Documents folder as suggested by default.
    Now that all certificates are saved in a single file, you need to split the certificates so each certificate is saved in a separate file.
  7. Open Finder again and go to Applications > Utilities > Terminal.
  8. Type:
    cd <Folder_Selected_For_Saving_Certificate_File>;
    in this example: cd Documents
  9. Copy and paste the following command into the terminal to split the certificates into separates files:
    mkdir Certificates && csplit -n5 -k -f Certificates/cert Certificates.pem ‘/END CERTIFICATE/+1’ {99999}

Now you should have Certificates directory with certXXXXX files while XXXXX is the certificate index.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.


let's solve it together

ScottMaking your security project a success!
By filling out this form, you opt-in to recieve emails from us.