Keyboard Maestro certificate is not trusted

I'm trying to connect my MacBook Pro to my iPad via the Keyboard Maestro Control app. When I hit Connect in the 'Preferences: Web Server' window I get a warning that the server I'm trying to connect to is not private. A screenshot of the certificate is attached. Is this the only way to use my iPad with KBM - via the internet? Isn't there a Bluetooth connection? If internet is the only option, does anyone have advice on proceeding?

Yes, this is to be expected - Keyboard Maestro creates a “self signed” certificate to enable https, and browsers will not generally trust that overly. It is better than using plain http, but not by a whole lot - it doesn't avoid Man-in-the-Middle attacks for example, though it does stop plain “sniffing” attacks.

Generally I would not recommend using the Remote trigger which operates via a server with a real certificate, but it does require both the client and server to be on the Internet.


Thanks, Peter - I think I'll leave that option alone. I was looking for a way to trigger KBM without having to involve my default computer keyboard. Ah, well . . .

The Remote Trigger will let you trigger macros from your phone or iPad. Alternatively, you could get a button keyboard (like the XK-24 or such).

What sort of input device did you have in mind?

1 Like

Thanks for your continued help.

I use KBM for just one purpose which is to create keyboard shortcuts in Finale music notation software. My real hope was to isolate a standard qwerty+10 keyboard so that I can take advantage of easy-to-remember alpha-numerical references. I have at least 50 macros, all of which require at least two keys. Since I also need to type text in Finale docs, my macros can't be words. Many are Option or Control plus a single letter. Or three to four letters in a non-word string. For operations that I do less frequently I keep a printed reference handy. Alas, it's not possible to tell the OS that a particular qwerty+10 keyboard be dedicated to KBM only.

Since reading your last comments, I've explored some control pad options. My understanding is that an external control pad triggers combined keystrokes and executes them as if I had (rapidly) typed them out on the computer keyboard; it's essentially accessing the computer keyboard's functions. That's the simple revelation I needed in order to understand my options: an external keyboard can't assign a different function to the same keystrokes on the computer.

But, an external control pad would allow me to reduce all macros to single keystrokes. Genovation makes a 48-key control pad which enables a second 'layer' which, I think, is accessed by holding a single key on the computer keyboard and pressing a single key on the Genovation. So, I could have 96 macros which I could assign numerically and print a reference key which organizes functions categorically (Finale tools) and lists them with their Genovation key(s). I couldn't memorize as many functions using numbers-only as opposed to alpha-numeric reference but, even with lookup time, it would still be far more efficient than doing the operations manually.

I'm recording these thoughts here for anyone else who is thinking through this. My question to you, Peter, is, "Am I understanding this correctly?" Thanks for all of your help!

Yes, that sounds correct. I don't know of the Genovation or how it works. I know the XK-24 work, but its the only external control pad keyboard I've tested (if any companies want me to test that they work with Keyboard Maestro’s USB Device Key triggers, I am happy to test devices sent to me).

I'm trying to dial a Yealink phone with the following:


It errors and gives me the following:
"The certificate for this server is invalid. You might be connecting to a server that is pretending to be “10.0.2.xx” which could put your confidential information at risk.}

If I use a non https prefix ie:


I can dial the phone 2 times but am always locked out on the third attempt, Yealink support says because of username/password issue, .... but I know that the username and password are correct.

Is there a way to create a 'trusted' certificate? to import into the phone GUI so that KM is trusted?

  • This is a bit over my pay grade but I'm really trying to resolve this dialing issue, it is pretty important to our workflow.
    Thank you for any feedback / thoughts.

I think you've got this the wrong way round -- it's the "10.0.2.xx" server that isn't trusted by the machine running KM, and that's the machine you need to put a certificate on if you want to use https.

That's a private network address, so something within your local network (and, presumably, under local control). There are many ways of getting a valid certificate on the server, you could even self-sign and then tell the Mac running the KM macro to "Always trust this certificate" in Keychain Access.

Try pointing your web browser at https://10.0.2.xx and then clicking the padlock in the address bar to see what the problem is on the server's end.

1 Like

thank you, ah, and here....

I can't seem to set my system to 'trust' this cert....

On the KM-running machine, launch Keychain Access (in your Utilities folder) and search for that certificate. Double-click to open, open the "Trust" section, and change "When using this certificate:" to "Always Trust".

1 Like

Yes, in Keychain Access, searched for
found nothing, hmph...
also searched for Yealink...

UPDATE: Got the system to always trust upon restarting browser and going to the URL, ...
I'll work with it now and see if this does the trick?
Fingers Crossed!!

I 'always trusted' the certificate, but still get the error originally show in post 1.
It must be because it is 'not standards compliant' ... ?
thanx @Nige_S for your time, really appreciated....

Can you get this to work in a browser rather than from KM? That might give you some clues. Ultimately you may need to do this from KM using a "Do Shell Script" action and using curl with the -k option to make it ignore certificate errors.

How you do that will depend on your macro. I suggest you start a new thread explaining the problem and posting the (appropriately redacted) part of the macro that's giving you problems.

yes, it works in chrome browser consistently, no lockout, but does not work in safari....
The shell/curl/-k approach is well above me.... wish it wasn't...

It's actually quite easy, it's getting the bits you need into the KM Shell Script action in a way the shell likes that's the problem -- unless you are using the same command all the time, no variables?

Start a new thread, provide an example macro, and I'm sure you'll get plenty of help.

1 Like