Mark certifications from China as not trusted on OS X.
./import-trust-settings.sh
This will merge new trust settings into existing settings.
If you'd like to overwrite all existing settings, simply run:
sudo security trust-settings-import -d TrustSettings.plist./test-trust-settings.shThis will test all urls found in test/test-url-list.txt. It will use curl by default.
To run the test with wget, you can set $TESTDRIVER environment variable.
TESTDRIVER=wget ./test-trust-settings.shBeware that wget must be built with Apple's SSL library to take effect of trust settings.
MODE=essential ./build-trust-settings.shThis will rebuild trust settings using certificates in Severity.High.md.
MODE=recommend ./build-trust-settings.sh
This will rebuild trust settings using certificates in Severity.High.md and Severity.Medium.md. Default.
MODE=strict ./build-trust-settings.sh
This will rebuild trust settings using certificates in Severity.High.md, Severity.Medium.md and Severity.Low.md.
See Certificates/README.md for more details.
./libexec/security-trust-settings-merge SystemDefault.plist
sudo security trust-settings-import -d SystemDefault.plistThis will restore your trust settings to system default.
The security-trust-settings-tools included in this project is licensed under BSD 2-clause License.