[quote='825476022, DTS Engineer, /thread/774576?answerId=825476022#825476022'] TN3137 explains the difference between the file-based keychain and the data protection keychain. Keeping that in mind, are you sure you want to read this into the file-based keychain? The data protection keychain is, in general, the better option. [/quote] Thanks for the reply. You are right, it is a private key. I generally understand that data protection keychains are better option, but I would like to know how to import them into a file-based keychain (login keychain or system keychain) without using a deprecated API.

[quote='825595022, DTS Engineer, /thread/774576?answerId=825595022#825595022'] The important point is that the file-based keychain is deprecated as a whole. [/quote] I was not aware that the entire file-based keychain is already officially deprecated. If the file-based keychain is to be deprecated, I would like to know how to import it into the data protection keychain in a way that prohibits the export of private keys.

[quote='827964022, DTS Engineer, /thread/775873?answerId=827964022#827964022'] However, my experience with subsystems like this is that they typically use a file-base keychain [/quote] It states that ｔhe file-based keychains are on the road to deprecation and that some of the APIs have been deprecated. TN3137: On Mac keychain APIs and implementations The file-based keychain is on the road to deprecation. It’s not officially deprecated, but some of the APIs surrounding it are. For example, SecKeychainCreate was deprecated in the macOS 12 SDK. Moreover, new features, like iCloud Keychain, require the data protection keychain. If the client certificate for the data protection keychain is not selectable in the Wi-Fi configuration, won't that be a problem when the file-based keychain is discontinued?