TLDR: How can I discover make safety set-key-partition-list run towards a single entry, moderately than all the pieces within the keystore?
I used to be dealing with points with a cipher mismatch with an dotnet/aspnet app and a self signed cert:
Finally I discovered this github problem, which led me to
log stream --process <PID_OF_SECURITYD>
Giving:
securityd: [com.apple.securityd:integrity] failure extending partition
securityd: [com.apple.securityd:security_exception] MacOS error: 32
securityd: [com.apple.securityd:clientid] code requirement verify failed (-67050), consumer just isn't Apple-signed
securityd: [com.apple.securityd:integrity] ACL partition mismatch: consumer teamid:UBF8T346G9 ACL ("cdhash:71c6a2e36e9b3aa01232049c467ebbad51311b9")
Looking out from there gave me this SO query(!), which instructed
sudo safety set-key-partition-list -D localhost -S unsigned:,teamid:UBF8T346G9 $(safety login-keychain)
And voila, this labored – I can now use this certificates to run the app regionally.
However, that command ran towards ~2489 entries, moderately than the 1 that I anticipated.
So, how can I discover make safety set-key-partition-list run towards a
single entry, moderately than all the pieces within the keystore?
Plainly safety find-key has fully completely different args that do not appear to match – I both get no outcomes, or ~2489 outcomes.
I’ve even obtained to the purpose of spelunking by the supply code to attempt to determine this out, however I did not get very far.