I was interesting in evaluating MarkSpace’s SyncTogether program as a potential solution for keeping 2 Mac OS X address books, owned by two different users, in sync.

Well, right off the bat I ran into problems. Immediately upon launching the program I received this error:

An SSL certificate for mike@terrapin-pro could not be generated.

Contacting customer support resulted in a fairly quick response, but it didn’t help. They pointed me to an FAQ entry that didn’t match my symptoms.

Then, in typical busman’s holiday fashion (I nominally took today off), I spent a couple of hours debugging the problem this afternoon.

First, via the console app, I found the SyncTogether script that was failing. It was calling the utility certtool and getting a permission denied error.

I tried this and I tried that (including running SyncTogether as root, w/no problems) and finally ended up finding the answer when I searched for “os x keychain location and permissions” which lead to a very useful Mac OS X Hints page.

It turned out the answer was to launch /Applications/Utilities/Keychain Access.app and perform a Keychain First Aid. Doing so revealed this error:

User differs on ~/Library/Keychains/login.keychain, should be 501, owner is 0

and once it was corrected SyncTogether launched without incident.

Hopefully later today I’ll get a chance to actually evaluate SyncTogether!

Oh, and here it is in FAQ format:

Q. I’m getting the following error, what should I do?

An SSL certificate for user@host could not be generated.

A. Launch /Applications/Utilities/Keychain Access.app and perform a Keychain First Aid.