Installing a Spanish Digital Certificate on a Mac

Whereas a lot of people complain about Spanish beurocracy, I’ve never really had that much of an issue with it – finding that with a little bit of research in advance of needing an official appointment, things generally run pretty smoothly.

In order to simplify things, the Spanish government offer the option of getting an official digital certificate which allows you to prove your identity officially, and do all sorts of official tasks, like make a tax declaration or check your drivers license all from home.

That all sound great, until I tried to get my newly issued certificate to work on my Macbook which seemed to give multiple different random errors, and in general the internet seemed to agree was totally broken.

This is how I got my Spanish digital certificate to work on my Mac.

The Background

I got my digital certificate as part of the IDCat process here in Catalunya. I had to go along for a face to face apointment where they checked my passport and NIE, asked me to sign a paper document saying that I had requested the certificate, and finaly asked me to choose my own password.

They sent me away with a physical piece of paper which contained information on how to download my certificate and a “download/document code”

When I got home, the webaddress on the letter asked me to enter my details and asked me both the code they gave me, and the code I’d given them and my browser downloaded a file called idCatCert.p12 – this will be important later.

Installing the Digital Certificate try 1:

Aparently, we should just be able to use keychain Access directly, so let’s load it, and choose the “My Certificates” option in the bottom left.

We can then just drag the downloaded certificate file across into Keychain Access. On my system it first asked me for my Mac user password – which you can tell as it will have a username field as well.

After you’ve entered your Mac user password, it will then ask you for another password. In my case, this was the “download/document code” that they gave me.

If this doesn’t give an error, then congratulations, you’re done – you can check at the bottom to see how you can check that this has worked in Google Chrome.

Installing the Digital Certificate try 2:

For me the above gave me an error saying that the certificate couldn’t be read.

Great – helpful right? so this is what worked for me. Let’s open up a Terminal window, and then lets go to where the certificate file has been downloaded to.

For me this was

cd Downloads
ls *.p12

This should then show you the certificate file. Mine is called idCatCert.p12

Next type (if your certificate was called something different to idCatCert.p12, change it to what your’s is called below):

security import idCatCert.p12 -k ~/Library/Keychains/login.keychain

For me, this asked for the document/download code.

If you don’t get an error, then it’s on to check if it works.

Does the Spanish Digital Certificate work in Google Chrome?

Let’s go to to the Spanish Tax Agency to check if it’s been accepted properly.

https://www.agenciatributaria.gob.es/AEAT.sede/Inicio/Inicio.shtml

Click on the Mis expedientes

Then select the option “Acceda con certificado o DNI electrónico”

If all has worked it should pop up a window asking you to select an installed digital certificate. Select it, and it should then take you directly to your personal tax details page, with your name and NIE in the top right of the page.

Did this work? Did it not work? Let me know in the comments below.