#!/bin/bash# Grabs the expired certificate hashesexpired=$(security find-identity | grep EXPIRED | awk '{print $2}')# Check for certsif [ -z "$expired" ]
then
echo "No expired certificates, we're all good"
else
# Deletes the expired certs via their hash
echo "Deleting expired certs"
security delete-certificate -Z $expired fiexit 0 #success