[Fed-Talk] Scriptable way to refresh intermediate CA's?
[Fed-Talk] Scriptable way to refresh intermediate CA's?
- Subject: [Fed-Talk] Scriptable way to refresh intermediate CA's?
- From: Taylor Armstrong - NOAA Affiliate <email@hidden>
- Date: Tue, 25 Aug 2015 09:36:07 -0400
Running into an issue and trying to see if there is a better way to script it, but also realizing that someone out there may have a better approach all together.
Centrify's website details how to add the DoD intermediate certificates to a default OS 10 build by importing the SystemCACertificate.keychain here:
What I'm looking for is an easy way to script that in order to automate it as part of our build process. I can find options on the "Security" command to add certificates TO a keychain, but not to add a keychain itself.
I'm also interested in any method of "refreshing" this periodically. We've found a small number of systems that seem to be missing individual DoD CA's, causing issues with CAC authentication. Importing the certificates manually resolves it, but I'd like to simply have a monthly task that refreshes the list of DoD CA's against a known source if that's possible... or am I going down the wrong path?
--
Taylor Armstrong
Contractor at NOAA
Macintosh Systems Administrator
Tel: 301-713-1156, ext 195
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden