Install CA Certificate
Has anyone used ARD to push CA certificates to Keychains on remote machines?
MacBook Pro 16″, macOS 13.2
Question marked as
Top-ranking reply
I did this some years ago for a local government's design studio. I Installed the certificate(s) on the admin Mac I was using at the time and then exported the ones I needed to deploy to the local /Users/Shared folder. Using ARD's Copy feature the certificate(s) were copied to the same location on all the target Macs. I chose /Users/Shared because all other accounts other than the admin one have read only access.
I used the following command (run as root):
security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /Users/Shared/NAMEOFYOURCERTIFICATE.cer
I had multiple certificates to install at the time and I just amended the command to accommodate them all as necessary. I even created a bash script to do I needed to do in one step. This was done when High Sierra changed to Mojave. As I recall it worked as intended.
Since then Apple have changed things (eg: default shell is now zsh etc) and I've not had chance to use it again so I don't know if it will work now as it used to but I don't see why not? As ever test and amend/adjust if necessary.
AFAIK the 'security' command line has not been deprecated as you can still call up its manual page in Terminal (I'm on Catalina - can't comment on any later OS) which in itself is not a guarantee that it hasn't been.
Good luck.