Hello.  New member here.  I need to deploy certificates for our Macs and was wondering how others go about this.  I'm thinking that the server these systems need access to will have a self signed cert from an internal CA.  I believe what I need to do is install a root certificate on all the Macs so that they trust this server implicitly.  I am vaguely familiar with importing certs into the keychain but I'm a little unclear on the sequence of events.  I'm thinking copy the root cert to the machine (probably /var/temp), import the cert and then somehow get the machine to trust that cert. It's the trusting the cert part where I'm a bit unclear.  

I know this can be done by other means, particularly profile manager, but we have a K1000/K2000 environment with the Macs already in KACE so I'd prefer to use what we have. Any help appreciated.

0 Comments   [ - ] Hide Comments


Please log in to comment

Answer this question or Comment on this question for clarity


I'd probably use a kscript.  Add the cert as a dependency.  Then, use a terminal command similar to the one in the link https://derflounder.wordpress.com/2011/03/13/adding-new-trusted-root-certificates-to-system-keychain/

One thing to note is that the KACE agent runs as root, so you do not have to use sudo.
Answered 12/03/2015 by: jknox
Red Belt

Please log in to comment