Update macOS cert trust guide (#442)

* Update macOS cert trust guide

* Terminology touchup

* Terminology touchup two

* Terminology touchup three

* Update site/source/user-manual/connecting/connecting-lan/lan-os/lan-mac.rst

* Update site/source/user-manual/connecting/connecting-lan/lan-os/lan-mac.rst

* Update site/source/user-manual/connecting/connecting-lan/lan-os/lan-mac.rst

---------

Co-authored-by: kn0wmad <39687477+kn0wmad@users.noreply.github.com>

site/source/user-manual/connecting/connecting-lan/lan-os/lan-mac.rst

@@ -1,49 +1,59 @@
 .. _lan-mac:
 
-==============================
+================================
-Trusting Your Start9 CA on Mac
+Trusting Your Start9 CA on macOS
-==============================
+================================
 
-#. In your Start9 server's UI, navigate to *System* -> *Lan* -> click *Download Certificate* and save it to your Mac.
+#. In your Start9 server's UI, navigate to **System** -> **LAN**
 
-    .. figure:: /_static/images/ssl/macos/mac-lan-setup0.png
+    .. figure:: /_static/images/ssl/macos/trust-cert-macos-1-system-lan.png
         :width: 60%
-        :alt: LAN setup prompt
+        :alt: Navigate to System > LAN
 
-#. Locate the certificate and double click it.
+#. Click **Download Certificate** and your browser will either automatically save the certificate to your Downloads folder or ask you where to save it:
 
-    .. figure:: /_static/images/ssl/macos/mac-lan-setup1.png
+    .. figure:: /_static/images/ssl/macos/trust-cert-macos-2-download_cert.png
+        :width: 60%
+        :alt: Download Certificate
+
+#. Among the browser's downloads, right click your certificate file and select *Show in Folder*:
+
+    .. figure:: /_static/images/ssl/macos/trust-cert-macos-3-show_in_folder.png
+        :width: 60%
+        :alt: Show certificate file in Downloads folder
+
+#. Finder will open.  Locate your unique `adjective-noun Local CA.crt` file in your *Downloads* folder and double click it to open it in the Keychain Access program.  You will be prompted for your macOS username and password, or thumbprint.  Then select *Modify Keychain*:
+
+    .. figure:: /_static/images/ssl/macos/trust-cert-macos-4-modify_keychain.png
         :width: 60%
 
-#. In the resulting  box, choose "System" from the "Keychain" dropdown menu.  Then click "Add."
+#. Your server's CA certificate will be displayed among the imported certificates in Keychain Access.  Right-click on the imported CA cert and select *Get Info*:
 
-    .. figure:: /_static/images/ssl/macos/mac-lan-setup2.png
+    .. figure:: /_static/images/ssl/macos/trust-cert-macos-5-cert-get_info.png
         :width: 60%
-        :alt: System Keychain
+        :alt: Keychain Access - Get Info of CA Certificate
 
-#. Enter your computer password when prompted. It will be imported into your mac's keychain.
+#. The details of your CA certificate will be displayed in a new dialog window.  Expand the **Trust** heading, then select "**Always Trust**" on **Secure Sockets Layer (SSL)** and **X.509 Basic Policy**.
 
-    .. figure:: /_static/images/ssl/macos/certificate_untrusted.png
+    .. figure:: /_static/images/ssl/macos/trust-cert-macos-6-ssl_tls-always_trust.png
         :width: 60%
-        :alt: Keychain access import menu
+        :alt: Trust CA Certificate
 
-    .. note:: If the keychain console did not open, press "Command + spacebar" and type “Keychain Access”, and hit enter to open it.
+    Click the red (x) button at the top left of the Local Root CA dialog window.
 
-#. Navigate to the "System" tab on the left, find the certificate named as a custom ``adjective-noun.local.crt``, and double click on this certificate. A second window will pop up.
+#. You will then be prompted again for your username and password, or thumbprint.  Enter those and click **Update Settings**:
 
-#. Open the "Trust" dropdown and select "Always Trust" from the dropdown next to "When using this certificate".
+    .. figure:: /_static/images/ssl/macos/trust-cert-macos-7-password-update_settings.png
+        :width: 60%
+        :alt: Authenticate to change the settings
 
-    .. figure:: /_static/images/ssl/macos/always_trust.png
+#. You will see your server's CA certificate as trusted now, signified by a blue (+) sign and the CA cert information will now say "This certificate is marked as trusted for all users" in Keychain Access:
+
+    .. figure:: /_static/images/ssl/macos/trust-cert-macos-8-cert_trusted.png
         :width: 60%
         :alt: Keychain submenu
 
-#. Close this window and enter your password to apply the settings.
+    .. tip:: If the keychain console did not show the certificate as trusted, press "Command + spacebar" and type “Keychain Access”, and hit enter to re-open it.
-
-#. The unique ``adjective-noun.local.crt`` cert will now read "This certificate is marked as trusted for all users" in Keychain Access.
-
-    .. figure:: /_static/images/ssl/macos/certificate_trusted.png
-        :width: 60%
-        :alt: Keychain menu trusted certificate
 
 No additional setup is required for most browsers and you will now be able to safely connect to your Start9 server over LAN.