How to Extract Root CA certificates from Websites to Use in Mobile Apps

Introduction

Extracting a Root CA from a website can be helpful in situations where the CA certificate must be viewed, validated, or installed on another device.

This Knowledge Base article summarizes the simple steps needed to extract a Root CA certificate for future use.

We hope you find it useful and enjoy using Appdome!

Extract a single Root CA for a specific website using Chrome Browser

This section explains the steps needed to extract a Root CA certificate for a single website. We will use https://appdome.com as an example.

1. Use Chrome browser to open the required website; for example, https://appdome.com:
   
2. Click on the lock icon on the left of the website address and then on the row Connection is secure.
   
3. Click on the Show certificate (arrow) icon on the right of the row Certificate is valid.
   
4. In the newly opened window, switch to the Details tab.
   
5. Select the top certificate in the Certificate Hierarchy (make sure the scrollbar is all the way up).
   
6. Click Export… on the bottom right to export the Root CA certificate.
7. Save the certificate file.

Extracting all CA certificates from MAC

To extract all CA certificates from a MAC workstation:

1. Open the Spotlight search.
2. Enter Keychain Access.
3. Open Keychain Access
4. Select System Roots
   
   
5. To select all the certificates at once, click on the top entry, scroll down to the bottom of the list, and click on the bottom entry while holding the “Shift” button on your keyboard.
   
6. Right-click the selected list and select the Export command, as shown below.
   
7. Save the certificates in an easily accessible folder, for example Certificates.pem in the Documents folder as suggested by default.
   
   Now that all certificates are saved in a single file, you need to split the certificates so each certificate is saved in a separate file.
8. Open Finder again and go to Applications > Utilities > Terminal.
9. Click the Launchpad icon in the Dock, type Terminal in the search field, then click Terminal.
10. Type:
    cd <Folder_Selected_For_Saving_Certificate_File>;
    in this example: cd Documents
11. Copy and paste the following command into the terminal to split the certificates into separates files:
    mkdir Certificates && csplit -n5 -k -f Certificates/cert Certificates.pem ‘/END CERTIFICATE/+1’ {99999}

Now, you should have a Certificates directory with certXXXXX files, while XXXXX is the certificate index.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.