PDA

View Full Version : [Resolved] Import Security Certs via Command Line




DJLC
Feb 12, 2013, 08:10 AM
I work in a school, and we recently implemented a new web filter. To get it working properly, I need to install two security certificates on all our MacBooks.

I've already written directions my users (faculty & students) can follow to do this via Keychain Access. But before I send them out, I wanted to try one last time to automate this. It seems stupid that I can't manage to get these two certificates to import via command line. Ideally, I could make an .sh script that I can then bundle into a pkg to be distributed via ARD. I'd prefer my users not have to get into Keychain Access.

I've tried both security import and security add-certificates. The former seems to do nothing, and the latter says it's an invalid file type. My certificates are .crt files. They need to be marked as trusted for all users.

Any advice?



DJLC
Feb 12, 2013, 08:30 AM
Derp. Fixed.

Converted my .crt files to .cer files. Then used a combo of security import and security add-trusted-cert. Combine into an sh file, double check in Keychain Access... looks like it worked!