Manipulate certificate private key Access Control List via CLI

I have a certificate and private key imported into the System Keychain which is used for client authentication in mTLS connections.

I can go into the Keychain Access UI and open up the options for the private key, navigate to the "Access Control List" tab and whitelist certain applications which have access to this key.

I am aware of the "security import" CLI command which allows me to set up the private key permissions using either the -A (allow all applications to access imported key) or -T (allow specific application to access imported key). But these only work for scenarios where I am importing a completely new Certificate + Private Key.

However, is there a way to make these "Access Control List" changes from a CLI command for a private key that is already present in the keychain?

I am deploying an application to a large number of machines and it is not feasible to have a manual step for adding the application to a whitelist in Keychain Access. Need to automate this stuff.
