Hi All,
I've been poking around but haven't found a solution for my unique situation. Basically, I need to remove an old certificate that will have the same exact name as a newer certificate from the system keychain. The only difference is one is SHA-1, the other is SHA-256. I can't seem to find a way to programmatically read the "Signature Algorithm" field. It looks like openSSL can do this with a line like:
openssl x509 -noout -text -in /path/to/yourcert.crt
But since these certs are in the keychain, I don't think there's a way to pass the path? Maybe I'm missing something?
Anyone able to point me in the right direction?
Thanks!
Matt