Installing Certificate and Trust it on several Mac's

Hello, I have several Mac users that I need to install and trust a certificate on Mac OS High Serria, I don't have access to each user all at one time. I am not sure the best way to roll this certificate out to everyone I was thinking of creating a help doc and write out each step with screenshots and email the certificate and directions out to everyone, but wasn't sure if there was a better way. I just think it a few steps and I am sure I will hear some gripes about the steps but just don't know any other better way without doing it myself and time just doesn't permit that.  Any suggestions
Deerek11Asked:
Who is Participating?
 
dfkeConnect With a Mentor Commented:
Hi,
      
To import a root CA certificate on the Mac.

  • Double-click the root CA certificate to open it in Keychain Access.

  • The root CA certificate appears in 'login'.

  • Copy the root CA certificate to 'System'.

  • You must copy the certificate to 'System' to ensure that it is trusted by all users and local system processes, including the virtual machine (.vmx) processes in Fusion.

  • Open the root CA certificate, expand 'Trust', select 'Use System Defaults', and save your changes.

  • Reopen the root CA certificate, expand 'Trust', select 'Always Trust', and save your changes.

  • Delete the root CA certificate from 'login'.

Cheers
0
 
Deerek11Author Commented:
How bad would it be if I left out the last 3 steps


Open the root CA certificate, expand 'Trust', select 'Use System Defaults', and save your changes.

Reopen the root CA certificate, expand 'Trust', select 'Always Trust', and save your changes.

Delete the root CA certificate from 'login'.
0
 
nappy_dConnect With a Mentor There are a 1000 ways to skin the technology cat.Commented:
You can also use the Apple configurator to install certs. CLICK HERE

SOme quick steps below

  1. Open Apple Configurator 2 and select File > New Profile
  2. Navigate to Global HTTP Proxy. Click Configure.
  3. Select the Manual Proxy Type and input your server address and port. Select the Allow bypassing proxy to access captive networks option.
  4. Push Certificates
  5. Next, you will need to push certificates.
  6. Navigate to Certificate and click Configure.
  7. Navigate to the directory where you have the SSL Certificate saved, select the certificate, and click Open.
  8. Exit out of the profile, give it a name, and Save it.
0
 
dfkeCommented:
Hi,

if you leave out those steps then the users will probably encounter popup messages regarding 'untrusted' connections.

Cheers
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.