How to script the trust settings for a cert that's already in Keychain

ooshnoo
Valued Contributor

Hi

We've got a cert in the system keychain on our clients that we need to change the trust settings for.

Anyone got any idea how to do that via command / script???

3 REPLIES 3

bentoms
Release Candidate Programs Tester

What OS clients?

Is it a root cert you wish to trust?

ooshnoo
Valued Contributor

@bentoms
Mavericks and Mountain Lion clients.

It's an SSL cert for our RADIUS servers. I saw your article about adding a cert to the system keychain, just am lost how to change trust settings for a cert that already exists.

ctangora
Contributor III

You may be able to use 'security' to export the settings from a known good host, then import them back in.

I took a quick look and it seems like you may need to find a way to identify the cert, as it doesn't look like it matches up easily.