diff --git a/System/Certificate/X509/MacOS.hs b/System/Certificate/X509/MacOS.hs
index dc2c3e4..247d113 100644
--- a/System/Certificate/X509/MacOS.hs
+++ b/System/Certificate/X509/MacOS.hs
@@ -11,10 +11,13 @@ import Control.Applicative
 import Data.Either
 import Data.Maybe
 
+keyChain :: String
+keyChain = "/System/Library/Keychains/SystemRootCertificates.keychain"
+
 findCertificate :: (X509 -> Bool) -> IO (Maybe X509)
 findCertificate f = do
-  (_, h, _, ph) <- runInteractiveCommand "security find-certificate -pa"
-  waitForProcess ph
-  pems <- parsePEMs <$> hGetContents h
+  (_, Just hout, _, ph) <- createProcess (proc "security" ["find-certificate", "-pa", keyChain]) { std_out = CreatePipe }
+  pems <- parsePEMs <$> hGetContents hout
+  _ <- waitForProcess ph
   let targets = rights $ map (decodeCertificate . LBS.fromChunks .  pure . snd) $ filter ((=="CERTIFICATE") . fst) pems
   return $ listToMaybe $ filter f targets