id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc
14397	Add https certificate to macOS keychain more easily	Stereo	team	"It's super useful how JOSM automatically adds its certificate to the Windows keystore, and it would be great if it could do the same for macOS.

This method modified for port 8112 works for me: https://gist.github.com/WoLpH/f959c2beccdd0fae925c

The only parts that really needs a shell is `sudo security add-trusted-cert -d -r trustRoot -k ""/Library/Keychains/System.keychain"" ""/tmp/$HOST.cert""`

Note that this script has a race condition. JOSM should write its certificate to an unpredictable filename, then call security add-trusted-cert on that filename before deleting it.

http://stackoverflow.com/a/40775875 describes how to sudo shell commands from java on macOS without exposing the user password.

`security find-certificate -c localhost` can find the certificates installed locally. `security find-certificate -c localhost -p` outputs it in pem format.

The interface in Preferences > Remote could look roughly like this:

[X] Enable HTTPS support

Your password is required to add JOSM's certificate to your browser's trusted certificates.

[Password field ] [Add certificate to browser button]

Current status: (Certificate trusted|Certificate missing)"	enhancement	closed	normal		Core		duplicate	macosx