Convert certificate type on mac

It is easy to convert certificate type on MAC without having to use command line tool.
1. open keychain application on mac.
2. optional create a new keychain for separating this certificate from others by clicking File-New KeyChain
3. drag and drop the original certificate into the new keychain, or use File-Import menu and select the new keychain
4. export the imported certificate to other format by clicking File-Export menu

In addition, there is a good document about managing certificate on MAC.
https://developer.apple.com/library/ios/technotes/tn2326/_index.html#//apple_ref/doc/uid/DTS40014136

When testing the self signed certificate, the root CA must be installed on device via configuration profile. Just install the server certificate without root CA will not make the device to trust the server certificate.

To deploy the configuration profile from IIS to ios browser, in iis mime type configuration, add a new mime type, with extension of ".mobileconfig", and MIME type as "application/iphone-configuration"

Trust the self signed certificate on Chrome and Safaria on MAC

Safaria and Chrome on MAC use the keychain to handle self signed certificate, following the below steps to trust the self signed server certificate.

In the address bar, click the little lock with the X. This will bring up a small information screen. Click the button that says "Certificate Information."

Click and drag the image to your desktop. It looks like a little certificate.

Double-click it. This will bring up the Keychain Access utility. Enter your password to unlock it.

Be sure you add the certificate to the System keychain, not the login keychain. Click "Always Trust," even though this doesn't seem to do anything.

After it has been added, double-click it. You may have to authenticate again.

Expand the "Trust" section.

"When using this certificate," set to "Always Trust"