salt.states.mac_keychain module

Installing of certificates to the keychain

Install certificats to the macOS keychain

/mnt/test.p12:
  keychain.installed:
    - password: test123
salt.states.mac_keychain.default_keychain(name, domain='user', user=None)

Set the default keychain to use

name

The chain in which to use as the default

domain

The domain to use valid values are user|system|common|dynamic, the default is user

user

The user to run as

salt.states.mac_keychain.installed(name, password, keychain='/Library/Keychains/System.keychain', **kwargs)

Install a p12 certificate file into the macOS keychain

name

The certificate to install

password

The password for the certificate being installed formatted in the way described for openssl command in the PASS PHRASE ARGUMENTS section

keychain

The keychain to install the certificate to, this defaults to /Library/Keychains/System.keychain

allow_any

Allow any application to access the imported certificate without warning

keychain_password

If your keychain is likely to be locked pass the password and it will be unlocked before running the import

salt.states.mac_keychain.uninstalled(name, password, keychain='/Library/Keychains/System.keychain', keychain_password=None)

Uninstall a p12 certificate file from the macOS keychain

name

The certificate to uninstall, this can be a path for a .p12 or the friendly name

password

The password for the certificate being installed formatted in the way described for openssl command in the PASS PHRASE ARGUMENTS section

cert_name

The friendly name of the certificate, this can be used instead of giving a certificate

keychain

The keychain to remove the certificate from, this defaults to /Library/Keychains/System.keychain

keychain_password

If your keychain is likely to be locked pass the password and it will be unlocked before running the import