Expired or duplicate certs

  1. I have some expired certificates in my keychain. Should I just delete these?

  2. I have some duplicate certs in my keychain (and AppWrapper reports this, but does not seem to mind). How can I find out which pair of duplicates AppWrapper is not using and delete those?

  1. I personally do so.
  2. App Wrapper technically doesn’t use them, it’s the code signing API that App Wrapper calls, the reason I mention this is because I’ll be honest and say that I don’t actually know. I would assume it has something to do with reading the “active” dates from the certificate, but I could be wrong.

The reason why App Wrapper whines about them, is in the past the code sign API would fail if there was more than one cert with the same name. It doesn’t seem to do so nowadays, but I haven’t removed the whineness from App Wrapper, just in case.