[scriptkiddie]

So while perusing through my 2012 macbook pro I came across this cool little thing known as Keychain Access, I noticed these were certificates on my Mac however some of them seemed strange for example one or two of them were a man's name (cannot remember the exact name). Me being the paranoid person I am instantly decided it was an intrusion attempt so I deleted the CAs and moved on with my life. Later that evening I revisited Kodi to try to watch a movie and I get bombarded with popups saying that addons aren't working due to unmet dependencies...

Does anyone know what I can do to get those certificates back so that I can get Kodi functioning properly?

[oc_s]

Keychains essentially store all the important private data: your saved logins (like the one to this forum), passwords for your applications, primary keys for your own certificates, and more.

Those named certificates were quite probably public keys of people with whom you are exchanging e-mails.

The best course is to restore from backup. If you have none, I am afraid you are in for more nasty surprises in near future

[scriptkiddie]

Most of the certificates (those with apple in the title) I didn't delete, I only deleted two sketchy CAs (in my opinion, to the untrained eye). I've had firevault on prior to this incident, however I had no knowledge of timemachine until afterwards (it was turned off when discovered). Is there a way to use firevault to restore peace to my laptop universe or am I still in for the grim future?

**The app that the deleted Cas gave me trouble with is a media console app called Kodi.**

[Ned Scott]

I don't think anything you do in the OS X Keychain will ever have any impact on Kodi.

[Memphiz]

I suggest to delete those apple certs aswell - those are the most evil ones imo... - i found some strange cables in my car too - they where labled with the sketchy name "Bosch" on it - i instantly ripped them out, cut through them and burned the isolation. Better safe then sorry - i have only untrained eyes but i trust them of course.

After a while i realised that i couldn't unlock the door to my flat anymore after i fixed the intrusion attemp in my car.

Sorry - couldn't resist - i just needed to clarify how well you chose your nickname...

[oc_s]

Most of the certificates (those with apple in the title) I didn't delete

If you did not delete anything of importance, you still might get a comparatively cheap experience.

Removing and reinstalling those addons which cause problems possibly might help; absolutely no guarantee though.

I only deleted two sketchy CAs

You really mean CA's, i.e., Certificate Authorities? Unlike leaf certificates, these are normally used not directly to validate other certificates (which, without the CA's, are invalid).

In this case, you might go through certificates in your Keychain, check the invalid ones, look which CA they are signed (this is displayed in Keychain Access as “Issued by”), and try to find the removed CA's somewhere on the Net and download them.

Again, lots of work, without any guarantee of success, but it might help.

I've had firevault on prior to this incident, however I had no knowledge of timemachine until afterwards (it was turned off when discovered). Is there a way to use firevault to restore peace to my laptop universe or am I still in for the grim future?

I am afraid the latter. Firewall is just a smart door, which allows or does not allow network communication packets to go through. Save possibly for some logs, it does not store anything.

**The app that the deleted Cas gave me trouble with is a media console app called Kodi.**

This does not make much sense unless Kodi itself stores its own things into Keychain; I do not know its entrails, but as it is a multi-platform code (and the Keychain API is self-evidently available on Mac only), that is highly improbable (it would be technically reasonable to store e.g., HTTP password for external control of Kodi into keychain, but I strongly suspect Kodi uses instead its own arbitrary storage instead of OS X for these things). Ned Scott presumably understands Kodi much more than me and wrote that, too.

Addons, being 3rd-party code, may contain nigh anything. If they access password-guarded services, those passwords would quite probably be stored in Keychains; server certificates might be checked against the CAs — **ha**, this might be the cause of your problems: if it is indeed so, the GUI should allow you to connect regardless the server certificate is not found valid (of course, depending on the particular server, this might slightly increase the danger of a MitM).

[scriptkiddie]

I suggest to delete those apple certs aswell - those are the most evil ones imo... - i found some strange cables in my car too - they where labled with the sketchy name "Bosch" on it - i instantly ripped them out, cut through them and burned the isolation. Better safe then sorry - i have only untrained eyes but i trust them of course.

After a while i realised that i couldn't unlock the door to my flat anymore after i fixed the intrusion attemp in my car.

Sorry - couldn't resist - i just needed to clarify how well you chose your nickname...

Thanks for the help troll, hope one of those cables was the brake line. Everyone starts somewhere, my condolences for not being such an enlightened individual as yourself.

[scriptkiddie]

I don't think anything you do in the OS X Keychain will ever have any impact on Kodi.

Kodi worked smooth as a baby's bottom until tampering with the certs and the deletion of two random ones

[scriptkiddie]

Most of the certificates (those with apple in the title) I didn't delete

If you did not delete anything of importance, you still might get a comparatively cheap experience.

Removing and reinstalling those addons which cause problems possibly might help; absolutely no guarantee though.

I only deleted two sketchy CAs

You really mean CA's, i.e., Certificate Authorities? Unlike leaf certificates, these are normally used not directly to validate other certificates (which, without the CA's, are invalid).

In this case, you might go through certificates in your Keychain, check the invalid ones, look which CA they are signed (this is displayed in Keychain Access as “Issued by”), and try to find the removed CA's somewhere on the Net and download them.

Again, lots of work, without any guarantee of success, but it might help.

I've had firevault on prior to this incident, however I had no knowledge of timemachine until afterwards (it was turned off when discovered). Is there a way to use firevault to restore peace to my laptop universe or am I still in for the grim future?

I am afraid the latter. Firewall is just a smart door, which allows or does not allow network communication packets to go through. Save possibly for some logs, it does not store anything.

**The app that the deleted Cas gave me trouble with is a media console app called Kodi.**

This does not make much sense unless Kodi itself stores its own things into Keychain; I do not know its entrails, but as it is a multi-platform code (and the Keychain API is self-evidently available on Mac only), that is highly improbable (it would be technically reasonable to store e.g., HTTP password for external control of Kodi into keychain, but I strongly suspect Kodi uses instead its own arbitrary storage instead of OS X for these things). Ned Scott presumably understands Kodi much more than me and wrote that, too.

Addons, being 3rd-party code, may contain nigh anything. If they access password-guarded services, those passwords would quite probably be stored in Keychains; server certificates might be checked against the CAs — **ha**, this might be the cause of your problems: if it is indeed so, the GUI should allow you to connect regardless the server certificate is not found valid (of course, depending on the particular server, this might slightly increase the danger of a MitM).

Thank you very much for your indepth assistance, I think my first attempt to resolve this is going to be removing and reinstalling the addons in the repository, however the popups are so bounitful it makes it nearly impossible to navigate the GUI being that you cannot click anything until the popup is dealt with and they donot stop coming. They ask if I want to disable the addon (with unmet dependencies) and regardless of if I choose yes or no the same popup for the same addons return over and over. Hopefully I can catch enough time in between to make it to the repository and remove the addons. Again thanks for your help (Ned Scott as well)

[viper25]

I'm having the same problem however i haven't deleted anything, my power shut off one day and koi hasn't worked right sense is there anything that can be done?