I have a single developer in my environment that requires a Mac (OSX 10.10.4) to perform his duties. I've managed to install our Root CA chain on his laptop (based on the fact that Safari isn't throwing cert errors anymore). However, he has various development command line tools that don't appear to use the built in system keychain. Is there a documented best practice for installing CA chains on Macs? Has anyone ran into any similar issues?
I've been chasing my tail on this for a couple days now, I'd prefer not to create an SSL Bypass for a single machine if at all possible. The apps in question are Brew and rvm (Ruby on Rails). It looks like OSX now uses some *** format of openssl.
What do your install practices look like for you Mac clients?
Thanks!