security Find Identity

   find-identity [-h] [-p policy] [-s string] [-v] [keychain...]
            Find an identity (certificate + private key) satisfying a given policy. If no policy arguments
            are provided, the X.509 basic policy is assumed. If no keychain arguments are provided, the
            default search list is used.

            -p policy       Specify policy to evaluate (multiple -p options are allowed). Supported policies:
                            basic, ssl-client, ssl-server, smime, eap, ipsec, ichat, codesigning, sysdefault,
                            default, sys-kerberos-kdc
            -s string       Specify optional policy-specific string (e.g. a DNS hostname for SSL, or RFC822
                            email address for S/MIME)
            -v              Show valid identities only (default is to show all identities)


            security> find-identity -v -p ssl-client
                     Display valid identities that can be used for SSL client authentication

            security> find-identity -p ssl-server -s
                     Display identities for a SSL server running on the host ''

            security> find-identity -p smime -s
                     Display identities that can be used to sign a message from ''

“Security is mostly a superstition. It does not exist in nature, nor do the children of men as a whole experience it. Avoiding danger is no safer in the long run than outright exposure. Life is either a daring adventure, or nothing” ~ Helen Keller


security - Administer Keychains, keys, certificates and the Security framework.

Copyright © 1999-2017
Some rights reserved