security cert

   add-trusted-cert [-d] [-r resultType] [-p policy] [-a appPath] [-s policyString]
      [-e allowedError] [-u keyUsage] [-k keychain] [-i settingsFileIn] [-o settingsFileOut] [-D] certFile

            Add certificate (in DER or PEM format) from certFile to per-user or local Admin Trust Settings.
            When modifying per-user Trust Settings, user authentication is required via an authentication
            dialog. When modifying admin Trust Settings, the process must be running as root, or admin
            authentication is required.

            -d              Add to admin cert store; default is user.
            -r resultType   resultType = trustRoot|trustAsRoot|deny|unspecified; default is trustRoot.
            -p policy       Specify policy constraint (ssl, smime, codeSign, IPSec, iChat, basic, swUpdate,
                            pkgSign, pkinitClient, pkinitServer, eap).
            -r resultType   resultType = trustRoot|trustAsRoot|deny|unspecified; default is trustRoot.
            -a appPath      Specify application constraint.
            -s policyString
                            Specify policy-specific string.
            -e allowedError
                            Specify allowed error (an integer value, or one of: certExpired, hostnameMismatch)
            -u keyUsage     Specify key usage, an integer.
            -k keychain     Specify keychain to which cert is added.
            -i settingsFileIn
                            Input trust settings file; default is user domain.
            -o settingsFileOut
                            Output trust settings file; default is user domain.
            -D              Add default setting instead of per-cert setting. No certFile is specified when
                            using this option

                  security> add-trusted-cert /tmp/cert.der
                  security> add-trusted-cert -d .tmp/cert.der

   remove-trusted-cert [-d] [-D] certFile
          Remove certificate (in DER or PEM format) in certFile from per-user or local Admin Trust Settings.
          When modifying per-user Trust Settings, user authentication is required via an authentication dialog.
          log. When modifying admin Trust Settings, the process must be running as root, or admin authentication
          cation is required.

          -d              Remove from admin cert store; default is user.
          -D              Remove Default Root Cert setting instead of an actual cert setting. No certFile is
                          specified when using this option.

“Security is mostly a superstition. It does not exist in nature, nor do the children of men as a whole experience it. Avoiding danger is no safer in the long run than outright exposure. Life is either a daring adventure, or nothing” ~ Helen Keller


security - Administer Keychains, keys, certificates and the Security framework.

Back to the Top

© Copyright 1999-2012
Some rights reserved