pda/aws-keychain

Keychain file extension change in macOS Sierra

tylerhunt opened this issue · 4 comments

In macOS Sierra, the keychain file extension has been changed from .keychain to .keychain-db, which causes errors like this when using aws-keychain:

security: SecKeychainCreate ~/Library/Keychains/aws-keychain.keychain: A keychain with the same name already exists

The following appears to fix the issue:

- : ${AWS_KEYCHAIN_FILE="$HOME/Library/Keychains/aws-keychain.keychain"}
+ : ${AWS_KEYCHAIN_FILE="$HOME/Library/Keychains/aws-keychain.keychain-db"}
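Review bot: The replacement default on the + line hardcodes the .keychain-db extension, so a system older than Sierra, where the file is still aws-keychain.keychain, would now be pointed at a path that does not match its keychain. Consider choosing the extension at run time, for example by checking which of the two files exists, and keep the `: ${AWS_KEYCHAIN_FILE=...}` form so a value set by the caller is still honored.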

Having the same issue with the latest version.

melo commented

Quick workaround: set AWS_KEYCHAIN_FILE to "$HOME/Library/Keychains/aws-keychain.keychain-db" in your .bash_profile.

export AWS_KEYCHAIN_FILE="$HOME/Library/Keychains/aws-keychain.keychain-db"

I'll submit a pull request to implement a complete fix in a couple of minutes, but the workaround should be good enough until the pull request is approved, merged and package managers get the new version.
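One way a script could pick the path on both older and newer macOS instead of hardcoding either extension, added here as an example; it is not aws-keychain's code and not the change from the pull request mentioned above. The function name `resolve_keychain_file` and its arguments are hypothetical.

```bash
# Added example: resolve the aws-keychain file path for pre-Sierra and
# Sierra-or-later macOS. resolve_keychain_file is a hypothetical helper.
#
# Usage: resolve_keychain_file [keychains_dir] [os_major] [os_minor]
# The arguments are assumptions that let the logic be exercised off a Mac;
# by default the directory is ~/Library/Keychains and the OS version is
# read from sw_vers.
resolve_keychain_file() {
  local dir="${1:-$HOME/Library/Keychains}"
  local base="$dir/aws-keychain.keychain"
  local major="${2:-}" minor="${3:-}"

  # An explicit setting always wins, as in the workaround above.
  if [ -n "${AWS_KEYCHAIN_FILE:-}" ]; then
    printf '%s\n' "$AWS_KEYCHAIN_FILE"
    return 0
  fi

  # Prefer a file that already exists, so an existing keychain is found
  # rather than created a second time under the other name.
  if [ -e "${base}-db" ]; then printf '%s\n' "${base}-db"; return 0; fi
  if [ -e "$base" ]; then printf '%s\n' "$base"; return 0; fi

  # Nothing on disk yet: choose the extension from the OS version.
  if [ -z "$major" ] && command -v sw_vers >/dev/null 2>&1; then
    IFS=. read -r major minor _ <<EOF
$(sw_vers -productVersion)
EOF
  fi
  major="${major:-0}"
  minor="${minor:-0}"

  # macOS Sierra is version 10.12.
  if [ "$major" -gt 10 ] || { [ "$major" -eq 10 ] && [ "$minor" -ge 12 ]; }; then
    printf '%s\n' "${base}-db"
  else
    printf '%s\n' "$base"
  fi
}

# Typical call: AWS_KEYCHAIN_FILE="$(resolve_keychain_file)"
```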

pda commented

Thanks. @melo's fix in #22 is merged, but please take a look at https://github.com/99designs/aws-vault as a far more secure alternative to aws-keychain.

melo commented

Thanks @pda, will try aws-vault, looks good.