foozmeat · June 29, 2017 20:28
diff --git a/create_keychain.sh b/create_keychain.sh
 #!/bin/bash

 # some keychain stuff borrowed from 
 # https://apple.stackexchange.com/questions/287610/keychains-created-by-an-ssh-connection-are-locked-and-can-not-be-used

 # export identities with 
 # security export -k ${KEYCHAIN_NAME} -t identities -o identities.p12 -P ${P12_PASSWORD} -f pkcs12

 YELLOW=`tput setaf 3`
 RESET=`tput sgr0`

 KEYCHAIN_DIR=$HOME/Library/Keychains
 KEYCHAIN_NAME="dev.keychain"
 keychains=$(security list-keychains -d user)

 if [[ -z $P12_PASSWORD ]]; then
  echo "Please enter the ${YELLOW}p12 keyring${RESET} password: "
  read -s -p "Password: " P12_PASSWORD
 fi

 for keychain in $keychains
 do
  basename=$(basename "$keychain")

  if test "${basename#*db}" != "$basename"
  then
    keychainName=${basename::${#basename}-4}
  else
    keychainName=${basename::${#basename}-1}
  fi

  keychainNames+=("$keychainName")
 done

 echo "Keychains on this machine: ${keychainNames[@]}";

 if [ `echo ${keychainNames[@]} | grep -c "${KEYCHAIN_NAME}" ` -eq 1 ]; then
  echo "Deleting ${KEYCHAIN_NAME}"
  security delete-keychain ${KEYCHAIN_NAME}
 fi

 if [[ -z $KEYCHAIN_PASS ]]; then
  echo "Please choose a password for your new keychain: "
  read -s -p "Password: " KEYCHAIN_PASS
 fi

 echo "Creating ${KEYCHAIN_NAME}"
 security create-keychain -p ${KEYCHAIN_PASS} ${KEYCHAIN_NAME}

 if [ `echo ${keychainNames[@]} | grep -c "${KEYCHAIN_NAME}" ` -eq 0 ]; then
  echo "Adding ${KEYCHAIN_NAME} to search list"
  security -v list-keychains -s "${keychainNames[@]}" ${KEYCHAIN_NAME}

 elif [ `echo ${keychainNames[@]} | grep -c "${KEYCHAIN_NAME}" ` -eq 1 ]; then
  echo "Adding ${KEYCHAIN_NAME} to search list"
  security -v list-keychains -s "${keychainNames[@]}"

 fi

 security unlock-keychain -p ${KEYCHAIN_PASS} ${KEYCHAIN_NAME}
 security set-keychain-settings -l -u -t 10800 ${KEYCHAIN_NAME}
 security import identities.p12 -k ${KEYCHAIN_NAME} -P ${P12_PASSWORD} -T /usr/bin/codesign
 security import extra_certs.cer -k ${KEYCHAIN_NAME}
	#!/bin/bash

	# some keychain stuff borrowed from
	# https://apple.stackexchange.com/questions/287610/keychains-created-by-an-ssh-connection-are-locked-and-can-not-be-used

	# export identities with
	# security export -k ${KEYCHAIN_NAME} -t identities -o identities.p12 -P ${P12_PASSWORD} -f pkcs12

	YELLOW=`tput setaf 3`
	RESET=`tput sgr0`

	KEYCHAIN_DIR=$HOME/Library/Keychains
	KEYCHAIN_NAME="dev.keychain"
	keychains=$(security list-keychains -d user)

	if [[ -z $P12_PASSWORD ]]; then
	echo "Please enter the ${YELLOW}p12 keyring${RESET} password: "
	read -s -p "Password: " P12_PASSWORD
	fi

	for keychain in $keychains
	do
	basename=$(basename "$keychain")

	if test "${basename#*db}" != "$basename"
	then
	keychainName=${basename::${#basename}-4}
	else
	keychainName=${basename::${#basename}-1}
	fi

	keychainNames+=("$keychainName")
	done

	echo "Keychains on this machine: ${keychainNames[@]}";

	if [ `echo ${keychainNames[@]} \| grep -c "${KEYCHAIN_NAME}" ` -eq 1 ]; then
	echo "Deleting ${KEYCHAIN_NAME}"
	security delete-keychain ${KEYCHAIN_NAME}
	fi

	if [[ -z $KEYCHAIN_PASS ]]; then
	echo "Please choose a password for your new keychain: "
	read -s -p "Password: " KEYCHAIN_PASS
	fi

	echo "Creating ${KEYCHAIN_NAME}"
	security create-keychain -p ${KEYCHAIN_PASS} ${KEYCHAIN_NAME}

	if [ `echo ${keychainNames[@]} \| grep -c "${KEYCHAIN_NAME}" ` -eq 0 ]; then
	echo "Adding ${KEYCHAIN_NAME} to search list"
	security -v list-keychains -s "${keychainNames[@]}" ${KEYCHAIN_NAME}

	elif [ `echo ${keychainNames[@]} \| grep -c "${KEYCHAIN_NAME}" ` -eq 1 ]; then
	echo "Adding ${KEYCHAIN_NAME} to search list"
	security -v list-keychains -s "${keychainNames[@]}"

	fi

	security unlock-keychain -p ${KEYCHAIN_PASS} ${KEYCHAIN_NAME}
	security set-keychain-settings -l -u -t 10800 ${KEYCHAIN_NAME}
	security import identities.p12 -k ${KEYCHAIN_NAME} -P ${P12_PASSWORD} -T /usr/bin/codesign
	security import extra_certs.cer -k ${KEYCHAIN_NAME}