{"id":5701,"date":"2024-05-22T20:59:53","date_gmt":"2024-05-22T12:59:53","guid":{"rendered":"https:\/\/ixyzero.com\/blog\/?p=5701"},"modified":"2024-05-22T20:59:53","modified_gmt":"2024-05-22T12:59:53","slug":"macos%e7%b3%bb%e7%bb%9f%e4%b8%ad%e7%9a%84security%e5%91%bd%e4%bb%a4","status":"publish","type":"post","link":"https:\/\/ixyzero.com\/blog\/archives\/5701.html","title":{"rendered":"The security command in macOS"},"content":{"rendered":"\n<p>=Start=<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Background:<\/h4>\n\n\n\n<p>Something that occurred to me a few days ago; I did some searching and testing during a break and am briefly noting a few key points so they are easy to consult later when needed.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Main text:<\/h4>\n\n\n\n<h5 class=\"wp-block-heading\">Reference answer:<\/h5>\n\n\n\n<p>The <code>security<\/code> command is the command-line management tool for keychains and the Security framework on macOS (its graphical counterpart is <strong>Keychain Access<\/strong> (Keychain Access.app)). A keychain is essentially a repository for security credentials such as certificates, keys and passwords; it is stored on the computer as a .keychain file, by default in the following directories:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>~\/Library\/Keychains\/<\/li>\n\n\n\n<li>\/Library\/Keychains\/<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code># Common security subcommands and what they do\n\nsecurity list-keychains     
#Display or set the keychain search list\nsecurity default-keychain   #Display or set the default keychain\nsecurity login-keychain     #Display or set the login keychain\n\nsecurity dump-keychain      #Display the contents of one or more keychains\n\nsecurity set-keychain-settings    #Set keychain settings\nsecurity set-keychain-password    #Set the keychain password\n\nsecurity find-identity #Find identities (certificate + private key)\nsecurity find-identity -v #Find identities (certificate + private key), showing only valid identities\n\nsecurity dump-trust-settings #Display the contents of the trust settings\n\nsecurity find-generic-password      #Find a generic password item.\nsecurity find-internet-password     #Find an internet password item.\nsecurity find-key                   #Find keys in the keychain\nsecurity find-certificate           #Find a certificate item.\nsecurity find-identity              #Find an identity (certificate + private key).<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<pre class=\"wp-block-code\"><code>NAME\n     security \u2013 Command line interface to keychains and Security framework\n\nSYNOPSIS\n     security &#91;-hilqv] &#91;-p prompt] &#91;command] &#91;command_options] &#91;command_args]\n\nDESCRIPTION\n     A simple command line interface which lets you administer keychains, manipulate keys and certificates, and do just about anything the Security framework is capable of from the command line.\n     
A simple command-line interface that lets you manage keychains, manipulate keys and certificates, and perform from the command line any operation the Security framework is able to perform.\n\n     By default security will execute the command supplied and report if anything went wrong.\n\n     If the -i or -p options are provided, security will enter interactive mode and allow the user to enter multiple commands on stdin.  When EOF is read from stdin security will exit.\n\n     ...\n\n\n$ security -h\n    help                                 Show all commands, or show usage for a command.\n    list-keychains                       Display or manipulate the keychain search list.\n    list-smartcards                      Display available smartcards.\n    default-keychain                     Display or set the default keychain.\n    login-keychain                       Display or set the login keychain.\n    create-keychain                      Create keychains and add them to the search list.\n    delete-keychain                      Delete keychains and remove them from the search list.\n    lock-keychain                        Lock the specified keychain.\n    unlock-keychain                      Unlock the specified keychain.\n    set-keychain-settings                Set settings for a keychain.\n    set-keychain-password                Set password for a keychain.\n    show-keychain-info                   Show the settings for keychain.\n    dump-keychain                        Dump the contents of one or more keychains.\n    create-keypair                       Create an asymmetric key pair.\n    add-generic-password                 Add a generic password item.\n    add-internet-password                Add an internet password item.\n    add-certificates                     Add certificates to a keychain.\n    find-generic-password                
Find a generic password item.\n    delete-generic-password              Delete a generic password item.\n    set-generic-password-partition-list  Set the partition list of a generic password item.\n    find-internet-password               Find an internet password item.\n    delete-internet-password             Delete an internet password item.\n    set-internet-password-partition-list Set the partition list of a internet password item.\n    find-key                             Find keys in the keychain\n    set-key-partition-list               Set the partition list of a key.\n    find-certificate                     Find a certificate item.\n    find-identity                        Find an identity (certificate + private key).\n    delete-certificate                   Delete a certificate from a keychain.\n    delete-identity                      Delete an identity (certificate + private key) from a keychain.\n    set-identity-preference              Set the preferred identity to use for a service.\n    get-identity-preference              Get the preferred identity to use for a service.\n    create-db                            Create a db using the DL.\n    export                               Export items from a keychain.\n    import                               Import items into a keychain.\n    export-smartcard                     Export items from a smartcard.\n    cms                                  Encode or decode CMS messages.\n    install-mds                          Install (or re-install) the MDS database.\n    add-trusted-cert                     Add trusted certificate(s).\n    remove-trusted-cert                  Remove trusted certificate(s).\n    dump-trust-settings                  Display contents of trust settings.\n    user-trust-settings-enable           Display or manipulate user-level trust settings.\n    trust-settings-export                Export trust settings.\n    trust-settings-import                Import trust settings.\n    
verify-cert                          Verify certificate(s).\n    authorize                            Perform authorization operations.\n    authorizationdb                      Make changes to the authorization policy database.\n    execute-with-privileges              Execute tool with privileges.\n    leaks                                Run \/usr\/bin\/leaks on this process.\n    error                                Display a descriptive message for the given error code(s).\n    create-filevaultmaster-keychain      Create a keychain containing a key pair for FileVault recovery use.\n    smartcards                           Enable, disable or list disabled smartcard tokens.\n    translocate-create                   Create a translocation point for the provided path\n    translocate-policy-check             Check whether a path would be translocated.\n    translocate-status-check             Check whether a path is translocated.\n    translocate-original-path            Find the original path for a translocated path.\n    requirement-evaluate                 Evaluate a requirement against a cert chain.\n$\n$ security dump-trust-settings<\/code><\/pre>\n\n\n\n<h5 class=\"wp-block-heading\">Reference links:<\/h5>\n\n\n\n<p>Where are digital certificates physically stored on a Mac OS X machine? 
#nice<br><a href=\"https:\/\/superuser.com\/questions\/992167\/where-are-digital-certificates-physically-stored-on-a-mac-os-x-machine\">https:\/\/superuser.com\/questions\/992167\/where-are-digital-certificates-physically-stored-on-a-mac-os-x-machine<\/a><\/p>\n\n\n\n<p>Keychain Access From Shell #nice<br><a href=\"https:\/\/macromates.com\/blog\/2006\/keychain-access-from-shell\/\">https:\/\/macromates.com\/blog\/2006\/keychain-access-from-shell\/<\/a><\/p>\n\n\n\n<p>Keychain services<br><a href=\"https:\/\/developer.apple.com\/documentation\/security\/keychain_services\">https:\/\/developer.apple.com\/documentation\/security\/keychain_services<\/a><\/p>\n\n\n\n<p>How to view certificate info without installing<br><a href=\"https:\/\/apple.stackexchange.com\/questions\/165215\/how-to-view-certificate-info-without-installing\">https:\/\/apple.stackexchange.com\/questions\/165215\/how-to-view-certificate-info-without-installing<\/a><\/p>\n\n\n\n<p>How can I parse the certificate information output from the security command in Mac?<br><a href=\"https:\/\/stackoverflow.com\/questions\/76378589\/how-can-i-parse-the-certificate-information-output-from-the-security-command-in\">https:\/\/stackoverflow.com\/questions\/76378589\/how-can-i-parse-the-certificate-information-output-from-the-security-command-in<\/a><\/p>\n\n\n\n<p>The macOS security command<br><a href=\"https:\/\/www.cnblogs.com\/Galesaur-wcy\/p\/17991221\">https:\/\/www.cnblogs.com\/Galesaur-wcy\/p\/17991221<\/a><\/p>\n\n\n\n<p>Managing iOS certificates from the command line<br><a href=\"https:\/\/blog.csdn.net\/lizeyang\/article\/details\/18419087\">https:\/\/blog.csdn.net\/lizeyang\/article\/details\/18419087<\/a><\/p>\n\n\n\n<p>Summary of using the Mac Security tool<br><a href=\"https:\/\/www.cnblogs.com\/pixy\/p\/4817579.html\">https:\/\/www.cnblogs.com\/pixy\/p\/4817579.html<\/a><\/p>\n\n\n\n<p>Enumerate all certificates in Mac Keychain and compare creation\/expiry dates<br><a 
href=\"https:\/\/stackoverflow.com\/questions\/40579726\/enumerate-all-certificates-in-mac-keychain-and-compare-creation-expiry-dates\">https:\/\/stackoverflow.com\/questions\/40579726\/enumerate-all-certificates-in-mac-keychain-and-compare-creation-expiry-dates<\/a><\/p>\n\n\n\n<p>Enumerate certificates in Mac Keychain and check their expiry dates<br><a href=\"https:\/\/superuser.com\/questions\/1145431\/enumerate-certificates-in-mac-keychain-and-check-their-expiry-dates\">https:\/\/superuser.com\/questions\/1145431\/enumerate-certificates-in-mac-keychain-and-check-their-expiry-dates<\/a><\/p>\n\n\n\n<p>security(1) [osx man page]<br><a href=\"https:\/\/www.unix.com\/man-page\/osx\/1\/security\/\">https:\/\/www.unix.com\/man-page\/osx\/1\/security\/<\/a><\/p>\n\n\n\n<p>openssl-x509, x509 &#8211; Certificate display and signing utility<br><a href=\"https:\/\/www.openssl.org\/docs\/man1.0.2\/man1\/x509.html\">https:\/\/www.openssl.org\/docs\/man1.0.2\/man1\/x509.html<\/a><\/p>\n\n\n\n<p>How do I view the details of a digital certificate .cer file?<br><a href=\"https:\/\/serverfault.com\/questions\/215606\/how-do-i-view-the-details-of-a-digital-certificate-cer-file\">https:\/\/serverfault.com\/questions\/215606\/how-do-i-view-the-details-of-a-digital-certificate-cer-file<\/a><\/p>\n\n\n\n<p>How to view an application certificate on Mac OS.?<br><a href=\"https:\/\/stackoverflow.com\/questions\/22925090\/how-to-view-an-application-certificate-on-mac-os\">https:\/\/stackoverflow.com\/questions\/22925090\/how-to-view-an-application-certificate-on-mac-os<\/a><\/p>\n\n\n\n<p>How to dump the content of keychain from the shell?<br><a href=\"https:\/\/apple.stackexchange.com\/questions\/184897\/how-to-dump-the-content-of-keychain-from-the-shell\">https:\/\/apple.stackexchange.com\/questions\/184897\/how-to-dump-the-content-of-keychain-from-the-shell<\/a><\/p>\n\n\n\n<p>How do I script codesign to trust an imported keychain from the Mac command line<br><a 
href=\"https:\/\/stackoverflow.com\/questions\/76214845\/how-do-i-script-codesign-to-trust-an-imported-keychain-from-the-mac-command-line\">https:\/\/stackoverflow.com\/questions\/76214845\/how-do-i-script-codesign-to-trust-an-imported-keychain-from-the-mac-command-line<\/a><\/p>\n\n\n\n<p>Accessing keychain from Terminal?<br><a href=\"https:\/\/discussions.apple.com\/thread\/1518945?sortBy=best\">https:\/\/discussions.apple.com\/thread\/1518945?sortBy=best<\/a><\/p>\n\n\n\n<p>Get Keychain Passwords from Command Line<br><a href=\"https:\/\/davidwalsh.name\/keychain-command-line\">https:\/\/davidwalsh.name\/keychain-command-line<\/a><\/p>\n\n\n\n<p>wifi-password.sh<br><a href=\"https:\/\/github.com\/rauchg\/wifi-password\/blob\/master\/wifi-password.sh\">https:\/\/github.com\/rauchg\/wifi-password\/blob\/master\/wifi-password.sh<\/a><\/p>\n\n\n\n<p>=END=<\/p>\n","protected":false},"excerpt":{"rendered":"<p>=Start= Background: Something that occurred to me a few days ago; I did some searching and testing during a break and am briefly noting a few key points so they are easy to consult later when 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23,560,7,12],"tags":[591,2288,2285,2284,1780,277,37,2287,2286],"class_list":["post-5701","post","type-post","status-publish","format-standard","hentry","category-knowledgebase-2","category-mac","category-programing","category-tools","tag-command-line","tag-dump-keychain","tag-find-identity","tag-keychain","tag-macos","tag-openssl","tag-security","tag-x509","tag-2286"],"views":3248,"_links":{"self":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/5701","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/comments?post=5701"}],"version-history":[{"count":1,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/5701\/revisions"}],"predecessor-version":[{"id":5702,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/5701\/revisions\/5702"}],"wp:attachment":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/media?parent=5701"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/categories?post=5701"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/tags?post=5701"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}