Automatically trusting certificates WITHOUT prompts?

New Contributor III

Hello all,

At my workplace we have changed out wifi authentication; it now requires a certificate before allowing someone to connect. This has broken my login screen wifi profile, which now no longer provides a wifi connection at the login screen for authentication.

I think this is because it requires the new certificate to be accepted manually on all machines upon connection.

The problem is - I have the certificate, and I have pushed it to every machine - but it is untrusted, and in order to connect to the wifi, you have to manually select it, enter credentials, get prompted for the cert, trust it, and then enter the user password (not admin), and then you can connect.

Is there any way around this?

Can I automatically trust the cert on every machine without having to prompt?


Honored Contributor

If you're pushing the certs via the 802.1x profile payload, you should be able to mark them as Trusted in the Trust tab within. (It's not very obvious.)

Contributor II

If this goes to the system keychain, for example, you can use the following:

security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "path to the profile"

But you can also do this for the user's keychain.