6

After upgrade to OS X El Capitan I keep having problems with the keychain (such as needing to enter the keychain password every time an app wants to access the keychain, even though auto lock settings are off, and Keychain Access app shows it's unlocked already).

In Keychain Access app whenever I try to run Keychain First Aid on my login keychain I get this:

Verification started
Checking keychain configuration for kornel (user ID=501)
Home directory is /Users/kornel
Checked login keychain
Checked settings for ~/Library/Keychains/login.keychain
Keychain can't be unlocked automatically. Please attempt to unlock ~/Library/Keychains/login.keychain from Keychain Access.
Checked default keychain
Checked contents of ~/Library/Keychains/login.keychain
No problems found
Verification completed

The problem is that my keychain appears to be unlocked already, and starting the First Aid locks it.

How can I stop the keychain from locking itself? Or rebuild it without losing saved passwords?

Kornel
  • 1,365

4 Answers4

3

I've found the culprit: Junos Pulse VPN software (5.1) breaks the keychain and system CA certificates in OS X 10.11.

I've deleted Junos Pulse completely, and the system is happy now.

Kornel
  • 1,365
1

Happening to me a well. However, I've never installed any app call Junos Pulse VPN. Tried deleting my keychain and even starting from scratch and same issue persists. Just started happening the other day and now I can't access most apple apps such as Software Update, iTunes, iBooks etc because without keychain working everything is broken.

TechRemarker
  • 111
  • 3
0

I saw something like this back in 10.6 or 10.7 for a single user, hopefully this will help.

  1. Go into Keychain Access.
  2. From the Edit menu, Choose Keychain Settings (Make sure Login keychain is selected).
  3. Check the "Lock after xx minutes of inactivity" is not turned on, or alternatively is a reasonable (eg. Make than 5 minutes) amount of time.
  4. Save the setting

Also check the Keychain Preferences, particularly:

  • Synchronize Login Keychain password with account

  • Set login keychain as default (should be checked)

    • Benjamin
Benjamin Schollnick
  • 4,447
0

My IT folks think Pulse 5.1.5 might fix this. I reset the keychain and un-installed the older version of Pulse when it broke the keychain. With the new Pulse 5.1.5 I can now log into the VPN. However, I still get the "Keychain can't be unlocked automatically. Please attempt to unlock ~/Library/Keychains/login.keychain from Keychain Access." error.

scidoc666
  • 1