Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

add-trusted-cert

Package Overview
Dependencies
Maintainers
1
Versions
5
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

add-trusted-cert

Add trusted certificates to the macOS keychain via an API

  • 0.6.1
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

add-trusted-cert

An API for calling the security add-trusted-cert command in macOS to add certificates to the system keychain.

This is useful if you are generating a root CA / self-signed certificate and want to auto-register it into the keychain.

For more information, see man security and search for the add-trusted-cert command.

Install

npm i add-trusted-cert

Notes

  • Using this will prompt the user for sudo access for security to write to the keychain, followed by another confirmation to add the certificate to the trust store.
  • I have never gotten the policyConstraint flags to work with trustAsRoot for resultType
  • I cannot offer support for troubleshooting the security parameters, it's very much a black box in general

Usage

import { addTrustedCert, POLICY_CONSTRAINTS, RESULT_TYPES } from 'add-trusted-cert'

(async () => {
  // Add a root certificate / certificate authority
  // This will set the policy for the cert to 'Always Trust'
  // Be aware of the security implications of allowing the cert to be trusted for everything
  await addTrustedCert({
    addToAdminCertStore: true,
    resultType: RESULT_TYPES.TRUST_ROOT,
  }, 'root.crt')
})()

Debugging

To see the command line output that is generated, add:

DEBUG=add-trusted-cert <your node app start command>

API

addTrustedCert(options, certFile) ⇒ Promise.<string>

Add certificate (in DER or PEM format) from certFile to per-user or local Admin Trust Settings. When modifying per-user Trust Settings, user authentication is required via an authentication dialog. When modifying admin Trust Settings, the process must be running as root, or admin authentication is required.

Returns: Promise.<string> - Output of the security add-trusted-cert command See: man security add-trusted-cert

ParamTypeDescription
optionsobject
[options.addToAdminCertStore]booleanIf true, adds the cert to the admin cert store
[options.resultType]string
[options.policyConstraint]Array.<string> | stringPolicy constraints
[options.appPath]stringApplication constraint
[options.policyString]stringPolicy-specific string
[options.allowedError]Array.<(string|number)> | number | string
[options.keyUsageCode]numberKey usage. For more than one usage, add values together (except -1).
[options.keychain]stringKeychain to which the cert is added. Default is '/Library/Keychains/System.keychain'.
[options.settingsFileIn]stringInput trust settings file; default is user domain
[options.settingsFileOut]stringOutput trust settings file; default is user domain
certFilestringCertificate file to add

Keywords

FAQs

Package last updated on 18 May 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc