starred/mkcert

Fork 0

mirror of https://github.com/FiloSottile/mkcert.git synced 2026-04-25 13:36:02 +03:00

[GH-ISSUE #105] Error on mkcert -install (Mac OSX mojave) #60

New issue

Closed

opened 2026-02-25 22:32:30 +03:00 by kerem · 7 comments

kerem commented

2026-02-25 22:32:30 +03:00

Owner

Originally created by @franck-paul on GitHub (Jan 8, 2019).
Original GitHub issue: https://github.com/FiloSottile/mkcert/issues/105

Hi,

Just installed mkcert (and nss) via homebrew, then run the command mkcert -install which hangs with the following message:

Using the local CA at "/Users//Library/Application Support/mkcert" ✨
Password:
ERROR: failed to parse trust settings: plist: error parsing XML property list: XML syntax error on line 111: illegal character code U+0000

The two files have been correctly created in ~/Library/Application Support/mkcert:

-r-------- 1 staff 2,4K 8 jan 09:41 rootCA-key.pem
-rw-r--r-- 1 staff 1,6K 8 jan 09:41 rootCA.pem

Originally created by @franck-paul on GitHub (Jan 8, 2019). Original GitHub issue: https://github.com/FiloSottile/mkcert/issues/105 Hi, Just installed mkcert (and nss) via homebrew, then run the command `mkcert -install` which hangs with the following message: > Using the local CA at "/Users/<user>/Library/Application Support/mkcert" ✨ Password: ERROR: failed to parse trust settings: plist: error parsing XML property list: XML syntax error on line 111: illegal character code U+0000 The two files have been correctly created in ~/Library/Application Support/mkcert: > -r-------- 1 <user> staff 2,4K 8 jan 09:41 rootCA-key.pem > -rw-r--r-- 1 <user> staff 1,6K 8 jan 09:41 rootCA.pem

kerem closed this issue

2026-02-25 22:32:30 +03:00

kerem commented

2026-02-25 22:32:30 +03:00

Author

Owner

@adamdecaf commented on GitHub (Jan 8, 2019):

ERROR: failed to parse trust settings: plist: error parsing XML property list: XML syntax error on line 111: illegal character code U+0000

This error is from trying to read macOS's settings for each certificate. The following should create a trust-settings.xml file and could we see what's on/around line 111:

sudo security trust-settings-export -d trust-settings.xml

@adamdecaf commented on GitHub (Jan 8, 2019): > ERROR: failed to parse trust settings: plist: error parsing XML property list: XML syntax error on line 111: illegal character code U+0000 This error is from trying to read macOS's settings for each certificate. The following should create a `trust-settings.xml` file and could we see what's on/around line 111: ``` sudo security trust-settings-export -d trust-settings.xml ```

kerem commented

2026-02-25 22:32:30 +03:00

Author

Owner

@franck-paul commented on GitHub (Jan 8, 2019):

line 111:

… jabber-fr.net<0x00> …

Probably the 0x00 character, I suppose that I need to make some cleanup in my keychain!

@franck-paul commented on GitHub (Jan 8, 2019): line 111: > … <string>jabber-fr.net<0x00></string> … Probably the 0x00 character, I suppose that I need to make some cleanup in my keychain!

kerem commented

2026-02-25 22:32:30 +03:00

Author

Owner

@adamdecaf commented on GitHub (Jan 8, 2019):

Is that string part of a certificate?

@adamdecaf commented on GitHub (Jan 8, 2019): Is that string part of a certificate?

kerem commented

2026-02-25 22:32:30 +03:00

Author

Owner

@franck-paul commented on GitHub (Jan 8, 2019):

Not a all!

1.0.dtd"> trustList … 0F7CB39284C9793D615F3BB828747B751916A9F4 issuerName … trustSettings … kSecTrustSettingsPolicyString jabber-fr.net<0x00> …

In the last line the <0x00> equivalent character was only visible when opening xml in sublime text

@franck-paul commented on GitHub (Jan 8, 2019): Not a all! > <?xml version="1.0" encoding="UTF-8"?> > <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-> 1.0.dtd"> > <plist version="1.0"> > <dict> > <key>trustList</key> > <dict> > … > <key>0F7CB39284C9793D615F3BB828747B751916A9F4</key> > <dict> > <key>issuerName</key> > <data> > … > <key>trustSettings</key> > <array> > <dict> > … > <key>kSecTrustSettingsPolicyString</key> > <string>jabber-fr.net<0x00></string> > … In the last line the <0x00> equivalent character was only visible when opening xml in sublime text

kerem commented

2026-02-25 22:32:30 +03:00

Author

Owner

@franck-paul commented on GitHub (Jan 8, 2019):

And I do not find this item when using the OSX Keychain access tool, very strange (or it may be ignored by this tool).

Have you any idea how I can remove this entry?

@franck-paul commented on GitHub (Jan 8, 2019): And I do not find this item when using the OSX Keychain access tool, very strange (or it may be ignored by this tool). Have you any idea how I can remove this entry?

kerem commented

2026-02-25 22:32:30 +03:00

Author

Owner

@FiloSottile commented on GitHub (Jan 8, 2019):

That's one annoying certificate there! You can remove it from Keychain Access by hitting backspace.

This is arguably a bug in security trust-settings-export though, because it generates an invalid plist. If anyone with an Apple Developer Account wants to file a radar, please be my guest.

@FiloSottile commented on GitHub (Jan 8, 2019): That's one annoying certificate there! You can remove it from Keychain Access by hitting backspace. This is arguably a bug in `security trust-settings-export` though, because it generates an invalid plist. If anyone with an Apple Developer Account wants to file a radar, please be my guest.

kerem commented

2026-02-25 22:32:30 +03:00

Author

Owner

@franck-paul commented on GitHub (Jan 9, 2019):

Thank's for help!

@franck-paul commented on GitHub (Jan 9, 2019): Thank's for help!