The system default I take it does not suffice.
Have you thought about putting together an anchors keychain for the organization and then providing an installer for it? This would be something installed at the system level in the search chain and would contain all the intermediary certs, etc that your organization needs on every Mac.
This way you can set up the trust exactly the way you want and it can be distributed with Apple Remote Desktop easily to 100's or 1000's of Macs all at once. Further, in this way you don't rely on any keychain not under your control (system or user ones)
If you want to take this route, I can throw you the installer I wrote for ours... It installs the keychain and adds it to the search path... V/R, Wm. Cerniuk 703.594.7616
(Sent faster from my iPhone 3G) On Jun 11, 2009, at 12:49 PM, "Nichols, Jared" < email@hidden> wrote:
Hi-
Does anyone know a scriptable way to set certificate trust level? I’m automating the installation of our root CA onto managed macs and can successfully install them, I now just need to set trust level. I don’t see a way to do it with certtool on the command line.
Thanks
j
---
Jared F. Nichols
Desktop Engineer, Infrastructure and Operations
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
|