koop · November 28, 2017 20:27
diff --git a/ensure-cert-macos.sh b/ensure-cert-macos.sh
 #!/bin/bash
 # Usage
 # $ ./install-cert-macos.sh "/path/to/cert"
 CERT_PATH="$1"

 # First, grab the SHA-1 from the provided SSL cert.
 CERT_SHA1=$(openssl x509 -in "$CERT_PATH" -sha1 -noout -fingerprint | cut -d "=" -f2 | sed "s/://g")

 # Next, grab the SHA-1s of any standard.dev certs in the keychain.
 # Don't return an error code if nothing is found.
 EXISTING_CERT_SHAS=$(security find-certificate -a -c "standard.dev" -Z /Library/Keychains/System.keychain | grep "SHA-1") || true

 echo "$EXISTING_CERT_SHAS" | grep -q "$CERT_SHA1" || {
  sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$CERT_PATH"
 }
	#!/bin/bash
	# Usage
	# $ ./install-cert-macos.sh "/path/to/cert"
	CERT_PATH="$1"

	# First, grab the SHA-1 from the provided SSL cert.
	CERT_SHA1=$(openssl x509 -in "$CERT_PATH" -sha1 -noout -fingerprint \| cut -d "=" -f2 \| sed "s/://g")

	# Next, grab the SHA-1s of any standard.dev certs in the keychain.
	# Don't return an error code if nothing is found.
	EXISTING_CERT_SHAS=$(security find-certificate -a -c "standard.dev" -Z /Library/Keychains/System.keychain \| grep "SHA-1") \|\| true

	echo "$EXISTING_CERT_SHAS" \| grep -q "$CERT_SHA1" \|\| {
	sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$CERT_PATH"
	}