Re: [Fed-Talk] Please file a bug report
Re: [Fed-Talk] Please file a bug report
- Subject: Re: [Fed-Talk] Please file a bug report
- From: "Burgin, Thomas (NIH/NIMH) [C]" <email@hidden>
- Date: Thu, 17 Apr 2014 16:25:53 +0000
- Thread-topic: [Fed-Talk] Please file a bug report
Maybe this helps?
## Get the hash of a cert on the filesystem
sha1_fingerprint=`openssl dgst -sha1 “$cert_path" | cut -d "=" -f2 | awk '{print toupper($0)}' | sed 's/^[ \t]*//'`;
## Delete the cert and remove any trust setting associated from the keychain
security delete-certificate -t -Z "$sha1_fingerprint" &>/dev/null;
On Apr 17, 2014, at 7:58 AM, Fiumara, Gregory <email@hidden> wrote:
> On 4/16/14, 6:21 PM, "John Oliver" <email@hidden> wrote:
>
>> security find-certificate -Z
>
> The -Z option of security when used with the find-certificate command is
> used to "Print SHA-1 hash of the certificate," not to find certificates
> based on the hash. I think you probably want something like:
>
> security find-certificate -a -Z
> /System/Library/Keychains/SystemRootCertificates.keychain | grep '^SHA-1\|
> "alis"' | grep -B 1 B80186D1EB9C86A54104CF3054F34C52B7E558C6
>
>
> Prints:
> "alis"<blob>="OISTE WISeKey Global Root GA CA"
> SHA-1 hash: B80186D1EB9C86A54104CF3054F34C52B7E558C6
>
>
> -Greg
>
> --
> Greg Fiumara
>
>
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden