security cert

   add-trusted-cert [-d] [-r resultType] [-p policy] [-a appPath] [-s policyString]
      [-e allowedError] [-u keyUsage] [-k keychain] [-i settingsFileIn] [-o settingsFileOut] [-D] certFile

            Add certificate (in DER or PEM format) from certFile to per-user or local Admin Trust Settings.
            When modifying per-user Trust Settings, user authentication is required via an authentication
            dialog. When modifying admin Trust Settings, the process must be running as root, or admin
            authentication is required.

            Options:
            -d              Add to admin cert store; default is user.
            -r resultType   resultType = trustRoot|trustAsRoot|deny|unspecified; default is trustRoot.
            -p policy       Specify policy constraint (ssl, smime, codeSign, IPSec, iChat, basic, swUpdate,
                            pkgSign, pkinitClient, pkinitServer, eap).
            -r resultType   resultType = trustRoot|trustAsRoot|deny|unspecified; default is trustRoot.
            -a appPath      Specify application constraint.
            -s policyString
                            Specify policy-specific string.
            -e allowedError
                            Specify allowed error (an integer value, or one of: certExpired, hostnameMismatch)
                            match)
            -u keyUsage     Specify key usage, an integer.
            -k keychain     Specify keychain to which cert is added.
            -i settingsFileIn
                            Input trust settings file; default is user domain.
            -o settingsFileOut
                            Output trust settings file; default is user domain.
            -D              Add default setting instead of per-cert setting. No certFile is specified when
                            using this option

            Examples
                  security> add-trusted-cert /tmp/cert.der
                  security> add-trusted-cert -d .tmp/cert.der

   remove-trusted-cert [-d] [-D] certFile
          Remove certificate (in DER or PEM format) in certFile from per-user or local Admin Trust Settings.
          When modifying per-user Trust Settings, user authentication is required via an authentication dialog.
          log. When modifying admin Trust Settings, the process must be running as root, or admin authentication
          cation is required.

          Options:
          -d              Remove from admin cert store; default is user.
          -D              Remove Default Root Cert setting instead of an actual cert setting. No certFile is
                          specified when using this option.

“Security is mostly a superstition. It does not exist in nature, nor do the children of men as a whole experience it. Avoiding danger is no safer in the long run than outright exposure. Life is either a daring adventure, or nothing” ~ Helen Keller

Related macOS commands

security - Administer Keychains, keys, certificates and the Security framework.
codesign - Create and manipulate code signatures.

 
Copyright © 1999-2024 SS64.com
Some rights reserved