Deploying certificate to Macs
Hello. New member here. I need to deploy certificates for our Macs and was wondering how others go about this. I'm thinking that the server these systems need access to will have a self signed cert from an internal CA. I believe what I need to do is install a root certificate on all the Macs so that they trust this server implicitly. I am vaguely familiar with importing certs into the keychain but I'm a little unclear on the sequence of events. I'm thinking copy the root cert to the machine (probably /var/temp), import the cert and then somehow get the machine to trust that cert. It's the trusting the cert part where I'm a bit unclear.
I know this can be done by other means, particularly profile manager, but we have a K1000/K2000 environment with the Macs already in KACE so I'd prefer to use what we have. Any help appreciated.
Ken-
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
jknox
9 years ago
I'd probably use a kscript. Add the cert as a dependency. Then, use a terminal command similar to the one in the link https://derflounder.wordpress.com/2011/03/13/adding-new-trusted-root-certificates-to-system-keychain/
One thing to note is that the KACE agent runs as root, so you do not have to use sudo.
One thing to note is that the KACE agent runs as root, so you do not have to use sudo.
