v1.0.4, update distribute script #497

Merged

@jworkmanjc jworkmanjc commented Jun 6, 2023

Issues

  • SA-3379 - Radius Cert Deployment, SSID mac set preference regardless of the certificate identifier type.

What does this solve?

In previous iterations of the Radius Cert Deployment scripts, if a cert type of EmailSAN or EmailDN was selected and distributed to a macOS system, the step to assign a network SSID to the installed certificate would fail. The deployment script was erroneously attempting to identify a certificate by its email identifier, which is not a valid option for the Security Set-Identity-Preference command. This would result in the command results throwing an exit code 2, and an "illegal option --e" error:

[Screenshot: Screen Shot 2023-06-06 at 9 10 06 AM]

To address this, instead of identifying commands by their common name, or email (depending on the cert type), now all installed certificates will be identified by their SHA1 hash. When the macOS command attempts to assign a network SSID to the installed certificate, the certificate will be explicitly identified by its SHA1 hash.

Is there anything particularly tricky?

How should this be tested?

Validate the previous behavior: generate a set of user certs of type EmailSAN or EmailDN and deploy them to a macOS host. The commands should fail on the set-identity-preference step.

Pull the changes from this branch into your local project and attempt to distribute a set of EmailSAN or EmailDN certs again. The certificate should be installed correctly and not throw any errors.

Screenshots

@kmaranionjc kmaranionjc left a comment

Test worked as expected, code looks good as well

@gweinjc gweinjc left a comment

EmailSAN and EmailDN appear to be installing correctly on my Mac systems. Nice job

@jworkmanjc jworkmanjc merged commit d73b48d into master Jun 8, 2023
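
The approach described in the pull request, selecting the installed certificate by its SHA1 hash instead of by common name or email, shown as an added example that is not code from this pull request or the project. The function names, the `SECURITY_BIN` override and the service string passed as the second argument are assumptions made for illustration.

```sh
# Added example, not the project's script. POSIX sh.

# Hex SHA-1 of stdin, using whichever tool the host provides.
sha1_hex() {
  if command -v sha1sum >/dev/null 2>&1; then sha1sum | cut -d' ' -f1
  else shasum -a 1 | cut -d' ' -f1
  fi
}

# Print the SHA-1 of the DER bytes of the first CERTIFICATE block in a PEM
# file, uppercase (the form `security find-identity` prints).
cert_sha1() {
  body=$(awk '/-----BEGIN CERTIFICATE-----/{f=1; next}
              /-----END CERTIFICATE-----/{exit}
              f' "$1" | tr -d ' \r\n')
  # An empty body would silently hash to the SHA-1 of nothing, so refuse it.
  [ -n "$body" ] || { echo "no certificate block in $1" >&2; return 1; }
  printf '%s' "$body" | base64 --decode >/dev/null 2>&1 ||
    { echo "certificate body is not valid base64" >&2; return 1; }
  printf '%s' "$body" | base64 --decode | sha1_hex | tr 'a-f' 'A-F'
}

# Bind a service name to the identity selected by hash. SECURITY_BIN is a
# hypothetical override so the call can be dry-run on a non-macOS host.
set_identity_pref() {
  # Only 40 hex digits are accepted, so an email address or common name
  # can never reach the command as the identifier.
  case "$1" in
    *[!0-9A-Fa-f]*) echo "not a SHA-1 hash: $1" >&2; return 1 ;;
  esac
  [ "${#1}" -eq 40 ] || { echo "not a SHA-1 hash: $1" >&2; return 1; }
  "${SECURITY_BIN:-/usr/bin/security}" set-identity-preference -Z "$1" -s "$2"
}

# Constructed sample: the body is base64 of "abc", not a real certificate.
sample=$(mktemp)
printf '%s\n' '-----BEGIN CERTIFICATE-----' 'YWJj' '-----END CERTIFICATE-----' > "$sample"
cert_sha1 "$sample"
rm -f "$sample"
```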