Skip to main content

Keychain Access

Keychain Access is a macOS application that stores your passwords and account information. Strengthen the security of your API key and client authentication certificate password by storing them in Keychain Access.

Once your credentials are stored, all DigiCert​​®​​ Software Trust Manager client tools can pull your credentials from Keychain Access. Use your system login password if you receive a keychain pop-up when attempting to complete any operation that requires multi-factor authentication.

Save credentials to Keychain Access

You can use this command repeatedly to overwrite the credentials stored.

To save credentials to the Keychain Access, run the following command in SMCTL:

./smctl-mac-x64 credentials save <API Key> <Client certificate password>

Note

Once your API key and client authentication certificate password is securely stored in Keychain Access, use the following command to set the host and client authentication certificate in SMCTL:

export SM_HOST=<host URL>
export SM_CLIENT_CERT_FILE=<P12 client authentication certificate file path>

Alternatively, you can store these variables in a properties file or persistent variables.

Remove credentials from Keychain Access

To delete credentials saved in the Keychain Access, run the following command in SMCTL:

./smctl-mac-x64 credentials delete

Proxy configuration

Configure the HTTPS_PROXY environment variable if the client tool need to communicate through a proxy.

Anonymous proxy

Use this command if your proxy does not require authentication:

export HTTPS_PROXY=https://<proxy_host>:<proxy_port>

Authenticated proxy

Use this command if your proxy requires authentication:

export HTTPS_PROXY=https://user:password@<proxy_host>:<proxy_port>