safari wants to sign using key privatekey

Mail User Guide

• What’s new in Mail
• Get started
• Add email accounts
• Use a custom email domain
• Remove or temporarily turn off email accounts
• Send an email
• Format text in emails
• Send emails to groups
• Unsend emails with Undo Send
• Redirect emails
• Set your From or Reply to email address
• Create and use email signatures
• Read emails
• Reply to, forward, or follow up on emails
• Use Remind Me to come back to emails later
• View email conversations
• Search for emails
• Filter emails
• Sort emails
• Show emails from VIP senders
• Archive emails
• Print emails
• Use information found in Mail in other apps
• Add attachments to emails
• View, save, or delete email attachments
• Mark up email attachments
• Send large attachments
• Create or delete mailboxes
• Use favorite mailboxes
• Use Smart Mailboxes
• Move or copy emails
• Move or copy mailboxes
• Import or export mailboxes
• Block or unblock senders
• Unsubscribe from mailing lists
• Reduce junk mail
• Use Mail Privacy Protection
• Sign or encrypt emails
• Use Hide My Email
• Use email aliases
• Change settings
• Use Focus filters
• Manage notifications
• Use Mail extensions
• Use column layout
• Use Mail full screen
• Use rules to manage emails you receive
• Automate Mail tasks
• Keyboard shortcuts

Sign or encrypt emails in Mail on Mac

Email messages that are digitally signed or encrypted can offer enhanced security when sending or receiving email.

Open Mail for me

Send digitally signed and encrypted emails

A digitally signed message lets your recipients verify your identity as the sender; an encrypted message offers an even higher level of security. To send signed messages, you must have a personal certificate in your keychain. To send encrypted messages, the recipient’s certificate must be in your keychain.

Move the pointer over the From field, click the pop-up menu that appears, then choose the account for which you have a personal certificate in your keychain.

A signed icon (containing a checkmark) is shown in the message header and indicates your message will be signed when you send it.

Address the message to recipients.

An encrypted icon (containing a closed lock) is shown if your keychain contains a personal certificate for every recipient. If you don’t have a certificate for every recipient, click the encrypted icon in your message; an open lock replaces the closed lock, indicating the message will be sent unencrypted.

Some mailing lists reject digitally signed messages because the signature is treated as an attachment. If this happens, click the signed icon in your message; an x replaces the checkmark, indicating the message will be sent unsigned.

Note: If for some reason your certificate isn’t associated with your email address, or if you want to use your certificate with a different email address, Control-click the certificate in Keychain Access, choose New Identity Preference, and provide the requested information.

Open Keychain Access for me

Receive digitally signed and encrypted emails

If a message is signed, a signed icon (containing a checkmark) is shown. To view the certificate details, click the icon.

If the message was altered after it was signed, Mail displays a warning that it can’t verify the message signature.

If a message is encrypted, an encrypted icon (containing a closed lock) is shown. If you have your private key in your keychain, the message is decrypted for viewing. Otherwise, Mail indicates it can’t decrypt the message.

If you want to include encrypted messages when you search for messages in Mail, set the option in the General pane of Mail settings. The option enables Mail to search individual words, even though the message is stored encrypted.

Adobe Community

• Global community
• 日本語コミュニティ Dedicated community for Japanese speakers
• 한국 커뮤니티 Dedicated community for Korean speakers
• Discussions
• Mail.app wants to sign using key "privatekey" in y...

Mail.app wants to sign using key "privatekey" in your keychain

Copy link to clipboard

1 Correct answer

never-displayed

Support Portal

How can we help you today, resolve '(app name) wants to access key "(key name)" in your keychain' alert message print.

Modified on: Sun, Dec 13, 2020 at 6:29 PM

You may be prompted with messages such as 'codesign wants to access key "access" in your keychain'. To resolve this, you should set the related key's Keychain Access Control setting to "Always Allow":

• Open Keychain Access in Applications > Utilities > Keychain Access
• Highlight "Login" Keychain
• Find the key or keys you wish to allow your application to access
• Right-click the key item, and select "Get Info"
• Click on the "Access Control" tab
• Select "Allow all application to access this item" or "Always Allow"
• Press "Save Changes" to confirm the change
• Enter your password you use to login to the server to authenticate

This should allow your application to always allow access to the selected  key. Repeat the above steps on all keys you wish to always allow access.

Reference Video: How to allow applications to access keychain in Mac® OS X™  

Did you find it helpful? Yes No

Related Articles

This browser is no longer supported.

Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.

MacOS InTune-Enrolled Device. Keychain Access to 'Microsoft Workplace Join Key'

I have a MacBook with Monterey OS that is enrolled through Intune. For some reason when the user attempts to access SharePoint online through Google Chrome she receives a prompt "Google Chrome wants to sign using key "Microsoft Workplace Join Key" in your keychain. Even if she selects Always Allow, she gets prompted again.

Microsoft Intune Enrollment Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities. Enrollment: The process of requesting, receiving, and installing a certificate. 1,248 questions Sign in to follow

@Gary Leung Thanks for posting in our Q&A.

Honestly, I haven't met this issue. If possible, it is suggested to try to access SharePoint online through Google Chrome on an unenrolled MacOS device and check if this issue still exists.

If this issue only occur in the enrolled MacOS, it is suggested to create an online support ticket to get more accurate help. Here is the support link: https://learn.microsoft.com/en-us/mem/get-support

Thanks for your understanding.

I had the same issue and still have no idea why. I was able to resolve by going to the key chain utility and finding the cert and selecting allow all applications to access item.

It comes from the keychain ACL for Microsoft Workplace Joinkey. By default, all microsoft apps can access it (com.microsoft and Microsoft portal). Obviously here Chrome, is used to access to Sharepoint. It might be the same for other apps used to enter a microsoft site.

you can add Chrome to the keychain ACL.

I have added chrome and firefox but still getting prompts, can anyone guide me on this

@Anish Bhowmick Were you able to resolve this issue? Facing the same issue on my Mac.

This happened in my environment when I created a persistent session conditional access policy and set it to report-only mode .

Disabling the policy resolved the issue.

Stack Exchange Network

Stack Exchange network consists of 183 Q&A communities including Stack Overflow , the largest, most trusted online community for developers to learn, share their knowledge, and build their careers.

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

Google Chrome constantly asking for Keychain permission?

My Google Chrome installation on Snow Leopard is asking for access to the keychain any time I go to a site with login information... This happened really suddenly - I've restarted and tried different combinations of settings (always allow) to no avail. The suggestions here: Safari keeps asking permission to access the keychain have not solved my problem. Any advice?

• osx-snow-leopard
• google-chrome

7 Answers 7

Google screwed up the application signing in their update procedure. I'm just randomly guess they switched the OS X binary over to something like what they were doing with the Windows version (a decompiling, then patching procedure, then recompiling) without considering the possibility of differing hashes.

Mac OS X 10.5 Leopard includes a new code signing security feature that helps verify the integrity of an application. Applications are signed by their creators before being distributed using their private key, and then can be verified on the customer’s machine using the company’s public key. Mac OS X’s Keychain Services leverage this new code signing feature to verify the signature of each application before allowing access to the contents of the keychain. By verifying the signature, the Mac OS X keychain Services can detect when a potentially malicious change has been made to an application and thereby protect your sensitive data by denying the changed application access. src: http://help.agile.ws/1Password3/invalid_code_signature.html

As for the fix? Not quite sure. I've just been hammering on Always Allow. I still get them sometimes but ever since I've started hammering, I've been getting less. Eventually, it'll go away if you keep doing that.

Hey, looking back at my guess, try reinstalling.

• this is happening to me again, a year later. boo Google :( –  Kyle Wild Sep 22, 2011 at 18:17
• 1 [one year later] - Is this some kind of Groundhog Day? From A to Z, I had to click Always Allow for all the stored sites... –  brasofilo Jan 2, 2013 at 10:50

This is what worked for me. Apple Snow Leopard and Google Chrome 17.0.963.56.

• Quit Chrome
• Open Utilities: Keychain Access
• Search for Chrome
• Delete "Chrome Safe Storage"
• Start up Chrome. Note that Chrome Safe Storage is back in the list.
• Go to a site which requires a password stored in the Keychain. The Keychain dialog box will pop up and ask for your password. Type the password (like you normally do).

• 1 Worked! Looked like my sync now isn't working but I will research that.. –  Marcus Leon Jun 23, 2012 at 15:10
• My problem wasn't that it asked for passwords for new sites but that I had to click through a whole bunch of "do you want to..." when starting Chrome. Solution was to delete the entry in Keychain access and then restart Chrome. I have to reenter all passwords now but that is only fair - if I tell my users to do it I should be able to do it myself too. –  LosManos Jun 16, 2014 at 7:22
• If I quit chrome how do I read these instructions? –  Raikol Amaro Sep 25, 2021 at 21:03

Re-installing fixed the problem for me.

What fixed it for me is moving the Google Chrome keychain entry from a secondary keychain into my primary keychain. I have multiple keychains due to poorly moving my keychain database from system to system and moving it into the "master", or "primary", database fixed the issue.

In Keychain Access menu, try to run Keychain First Aid, it ask password and select Verify and start. If found error, try it again and select Repair.

• No errors were found. –  分かりますか Aug 3, 2010 at 17:24

The fix to both Google Chrome and Chromium should be rolling out this week:

http://code.google.com/p/chromium/issues/detail?id=108238#c61

...and there was much rejoicing!

• Nope, 1 year later and still happening. –  Simon Jun 6, 2013 at 10:21

This might be caused by Chrome trying to access credentials saved by Safari . The solution in a short version:

• Go to Keychain Access
• Delete the entry "facebook.com (password not saved)" or something similar (in my computer it appears with a blue icon)

You must log in to answer this question.

Not the answer you're looking for browse other questions tagged osx-snow-leopard google-chrome keychain ..

• The Overflow Blog
• Supporting the world’s most-used database engine through 2050
• What language should beginning programmers choose?

Hot Network Questions

• If Alice measures a qubit and doesn't tell Bob the result, what's Alice's state from Bob's perspective?
• Continuous addition and multiplication on Euclidean space (dimension > 2) making it into a field?
• Why are venomous mammals and birds so rare in comparison to reptiles and fish?
• What is 'T' rating on a glass fuse?
• Laser finger guns
• Is quantum gravity research implying that gravity is actually a force and not spacetime curvature according to GR?
• Why do GCC and Clang pop on both branches instead of only once? (Factoring parts of the epilogue out of tail-duplication)
• How to make a sign language that only uses three fingers
• Parents' house repairs and siblings future inheritance
• How to disconnect stainless steel and threaded galvinized piping connection
• Why is one process ps command showing spaces around a directory instead of slashes?
• Is the cap-product map injective for singular varieties?
• A question about rational functions in complex analysis
• What is a Pillycoddian gesture?
• Enumerate all matches of a regex
• Finding food on the run
• Employer asking to open a business bank account. Is this job a scam or legit?
• What security risks do you see with wrong OTPs appearing in application logs?
• How can I make this AC current switch turn on at 20mA instead of 50mA?
• How Balanced Would a Magic Item that Changes Size by One Be?
• Reference for a statement from Gaitsgory's thesis
• Is there such a thing as a "physical" fractal?
• Would civilized bloodsuckers slaughter livestock or bloodlet them?
• Does an upcast Banishment send the targets to the same place if they share a native plane?

• Skip to main content
• Switch language
• Skip to search

Search Support

• Support Forums
• Firefox 13.0.1 for Mac repeatedly...

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

This thread was archived. Please ask a new question if you need help.

Firefox 13.0.1 for Mac repeatedly asking to access keychain

• 18 have this problem
• Last reply by plevintampabay

11 years ago

Since I upgraded to Firefox 13 for mac, Firefox asks my permission to access confidential information in my keychain. It does it everytime I start firefox even though I click "Always Allow" each time. This did not happen with the older version. By the way, the exact message reads, "Firefox wants to use your confidential information stored in “lpsafari” in your keychain. Do you want to allow access to this item?" Is there some way to get Firefox to stop asking?

Chosen solution

It does seem to be LastPass

This seems to work for me.

Go into KeyChain Access Find lpsafari Choose get info Go to Access Control (2nd tab) Choose Allow All Applications to Access this Item Then Save Changes

It stops nagging.

However, I don't like opening access like that.

So, I went back and deleted lpsafari from the keychain.

So far, that has stopped the nagging and restarting FireFox has not regenerated an lpsafari item either.

Your results?

All Replies (11)

Hi dpolsky, Firefox itself is not using the keychain as far as I know. It might be a normal extension that is not working properly or even malware. First thing I'd suggest is disabling add-ons and turning them on one by one to find out which one is causing the issue. If that still doesn't solve the problem, try reseting Firefox: Click on "Help" in the menu bar and select "Reset Firefox".

Let us know if that solved the problem.

• Top 10 Contributor
• https://addons.mozilla.org/firefox/addon/keychain-services-integration/

It is caused by my LastPass add on. When I disabled it, the keychain request went away; when I enabled it again, the request returned. I guess the "lp" in "lpsafari" stands for LastPass? In any event, am I correct to assume that this is a problem LastPass has to rectify rather than Firefox? Thanks for your help.

Yeah, they probably have the same issue as "Keychain Services Integration" with the signing process. But that is pure speculation. You should probably contact LastPass support about this problem.

Chosen Solution

I do not have LastPass installed. I did a long time ago, several Firefox versions ago.

When I go to a web site that I have password info stored in the KeyChain, Firefox asks several times to access the key chain for that one instance of going to that site.

For example, logging into this forum asked to access the key chain when I first got to the page before filling in the login fields. After the fields were filled in, and I clicked the Login button, Firefox asked again to access the key chain.

I'm not sure this is the same problem others are talking about in this thread.

Start Firefox in Diagnose Firefox issues using Troubleshoot Mode to check if one of the extensions or if hardware acceleration is causing the problem (switch to the DEFAULT theme: Firefox/Tools > Add-ons > Appearance/Themes).

• Don't make any changes on the Safe mode start window.
• https://support.mozilla.org/kb/Safe+Mode
• https://support.mozilla.org/kb/Troubleshooting+extensions+and+themes

Thanks for the info. This lead me to realize that the connection between Firefox and the keychain was with an add-on I had installed called Keychain Services Integration 1.1.3 by Julian Fitzell. Before seeing this in my Extensions, I was thinking that access to the KeyChain was built in to Firefox.

Anyway, on the web site for this Add-on, it says this add-on is broken in Firefox 13, and users are recommended to say with Firefox 12.

To make things worse, this add-on's home page is a blog that hasn't been posted to in years. I'll email the guy.

Thanks again.

For reference. I am not using Keychain Services Integration 1.1.3 by Julian Fitzell.

Also, the fix listed above seems to be the answer.

I sent an email to Julian, who replied right away (that's good support!) Here is his reply --

Yes, the problem of repeatedly asking you to allow is the [known] problem. The issue is being tracked here: http://code.google.com/p/mozilla-keychain/issues/detail?id=48

Mozilla started cryptographically signing their binaries in FF13, which in theory is great for us (you'll no longer get prompted to allow every time you upgrade) but unfortunately they did it in a way that's not compatible with OS 10.6. We've identified the problem and a solution and I'm hoping they're going to be able to get the fix in in time for FF14. Unfortunately there's little more we can do until they do so.

If you feel like getting your hands a bit dirty, there is a work around involving resigning the binary yourself - instructions are at the above link. Otherwise, just roll back to FF12 and wait for them to the fix the problem.

View in English

• Help Guides
• Agreements and Guidelines

Create a Sign in with Apple private key

To communicate with Sign in with Apple, you’ll use a private key to sign one or more developer tokens.

First, enable the Sign in with Apple service on an iOS, tvOS, watchOS, or macOS App ID and classify as the primary App ID. Enable the service on related apps and associate using the grouping feature. Register a Services ID, verify your domain, and associate to an app for each website that uses Sign in with Apple.

Next, create and download a private key with Sign in with Apple enabled and associate it with a primary App ID. You can associate two keys with each primary App ID. Then get the key identifier (kid) to create a JSON Web Token (JWT) that you’ll use to communicate with the capabilities you enabled.

If you suspect a private key is compromised, first create a new private key associated with the primary App ID. After transitioning to the new key, revoke the old private key .

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

"Safari wants to use login keychain" how do I stop this message popping up

Mac OS X (10.5.4)

Posted on Oct 3, 2008 4:21 AM

Loading page content

Page content loaded

Oct 3, 2008 6:23 AM in response to wooziewooster

Oct 26, 2008 5:48 PM in response to Kevin Hiscox

Nov 11, 2008 8:00 AM in response to wooziewooster

Dec 1, 2008 4:08 PM in response to wooziewooster

Dec 1, 2008 4:13 PM in response to doug123a