This module is similar to win-ca but for Mac OS. In fact I have copied most of its documentation and I have tried to maintain api compatibility.
Get MacOS System Root certificates for Node.js.
Node uses a statically compiled, manually updated, hardcoded list of certificate authorities, rather than relying on the system's trust store... Read more
This package is intended to fetch Root CAs from MacOS "SystemRootCertificates.keychain" and make them available to Node.js application with minimal efforts.
Just say npm install --save mac-ca and then call require('mac-ca').
It is safe to use it under other OSes (not MacOS).
After require('mac-ca') MacOs' Root CAs are found, deduplicated and installed to https.globalAgent.options.ca so they are automatically used for all requests with Node.js' https module.
For use in other places, these certificates are also available via .all() method (in node-forge's format).
let ca = require('mac-ca')
let forge = require('node-forge')
for (let crt of ca.all())
console.log(forge.pki.certificateToPem(crt))
Unfortunately, node-forge at the time of writing is unable to
parse non-RSA certificates
(namely, ECC certificates becoming more popular).
If your Trusted Root Certification Authorities store
contains modern certificates,
.all() method will throw exception.
To fix this, one can pass format parameter to .all method:
let ca = require('mac-ca')
for (let crt of ca.all(ca.der2.pem))
console.log(crt)
Available values for format are:
| Constant | Value | Meaning |
|---|---|---|
| der2.der | 0 | DER-format (binary, Node's Buffer) |
| der2.pem | 1 | PEM-format (text, Base64-encoded) |
| der2.txt | 2 | PEM-format plus some info as text |
| der2.asn1 | 3 | ASN.1-parsed certificate |
| * | * | Certificate in node-forge format (RSA only) |
One can enumerate Root CAs himself using .each() method:
let ca = require('mac-ca')
ca.each(crt=>
console.log(forge.pki.certificateToPem(crt)))
But this list may contain duplicates.
Asynchronous enumeration is not supported by this module yet.
Uses node-forge and is heavily inspired by Stas Ukolov's win-ca.
See also OpenSSL::Win::Root.
FAQs
Get Mac OS Root certificates
The npm package mac-ca receives a total of 31,364 weekly downloads. As such, mac-ca popularity was classified as popular.
We found that mac-ca demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Feross Aboukhadijeh joins TBPN to discuss Socket's $60M Series C, 500%+ ARR growth, AI's impact on open source, and the rise in supply chain attacks.
Security News
OSV withdrew 157 OSV malware reports after automated false positives incorrectly flagged trusted npm and PyPI packages, sending bad records into tools that rely on OSV data.
Research
/Security News
TrapDoor crypto stealer hits 36 malicious packages across npm, PyPI, and Crates.io, targeting crypto, DeFi, AI, and security developers.