Storing TLS cert and general private keys in 1password

Question

HiI'm sure there's perhaps a good reason as to why this is not a feature, but I was wondering if there's a way to store Apple Developer certificates in 1password in a similar fashion to how we currently store and use ssh keys?&nbsp;The use case is that we would like to allow certain employees to have access to our Apple developer ID keys so that they can sign binaries and installer packages. At the moment we have to give them the actual private key and then of course we have no idea what happens to that key after they are done. It would be good if 1password could be brought into play in situations like this so that the key can be referenced and used on the command line and then of course the access is audited in the 1password logs.Does something like this already exist, perhaps I am not looking in the correct place?Thanks

1p_phil · Answer

Hi sram​ ,
Thanks for reaching out.
This is a good idea and I'm looking into recommendations at the moment. One workaround you could do is to create a vault to store the Apple Developer Certs as a key and then sharing the vault with your developers.&nbsp;
Using the "op read" CLI command they could then read the key out locally and do signing that way, but you end up with a key on their local machine.
op read "op://vault/item/private-key" &gt; private_key.pem
I'll follow up later once I hear from the team about suggested paths.
Thanks!
Phil

Forum Discussion

Storing TLS cert and general private keys in 1password

1 Reply

Featured discussions

September at 1Password: Browser versions, enhanced security, and new integrations

Recent discussions

Chrome Extension Settings

Upcoming 1Password webinars

2FA not working across timezones

Failed login attempts

Feature Request: Rename Employee Vault in 1Password Business