802.1X Management on the command line

macos command-line network 802.1x

Solution 1:

With EAP-TLS, manipulating certificates, identity preferences and a single password entry all in keychain access can be done from the command line.

Something like:

security import ${PK12} -A -x -k login.keychain -P ${PW}

security set-identity-preference -c ${CN} -Z ${FINGERPRINT} -s com.apple.network.eap.user.identity.default

security set-identity-preference -c ${CN} -Z ${FINGERPRINT} -s com.apple.network.eap.user.identity.wlan.ssid.${SSID}

security add-generic-password -a ${USER} -D "802.1X Password" -l Default -s com.apple.network.eap.user.item.default -T /System/Library/SystemConfiguration/EAPOLController.bundle/Contents/Resources/eapolclient 

security add-generic-password -a ${USER} -D "802.1X Password" -l ${SSID} -s com.apple.network.eap.user.item.wlan.ssid.${SSID} -T /System/Library/SystemConfiguration/EAPOLController.bundle/Contents/Resources/eapolclient

com.apple.network.eap.user.item.default and com.apple.network.eap.user.identity.default are for wired 802.1X.

com.apple.network.eap.user.item.wlan.ssid.${SSID} and com.apple.network.eap.user.identity.wlan.ssid.${SSID} are for 802.1X on wireless SSID ${SSID}.

Related

Why I can't remove iTunes and how to remove it?
Search for .bashrc or other dotfiles in Finder
Add item to Finder toolbar with terminal?
Pages: How do I change the column size in the footer?
Prevent Finder to launch on boot
Trying to install Xcode on Yosemite 10.10.5
Accidentally deleted history in Safari. Is there any way to get it back?
How to hide “Siri app suggestions” in iOS?
Linking python as external build tool in Xcode 7 El Capitan
Notes.app crashing continuously in El Capitan
Display interactive notifications (with buttons) via Terminal
Are the PHP preg_functions multibyte safe?