Skip to main content
Jamf Nation, hosted by Jamf, is the largest Apple IT management community in the world. Dialog with your fellow IT professionals, gain insight about Apple device deployments, share best practices and bounce ideas off each other. Join the conversation.

API / uAPI - allow for gathering certificate serial numbers

While you can grab the certificate on computer via the API serial numbers for each certificate aren't included. This serial number is unique per certificate and can help identify the certificate on the system to the entry in your PKI. This means you can't create a specific, identifiable list of certificates that are in production vs. those are aren't valid.

Exposing this via the API would allow us to gather this list of used certificates from Jamf Pro then revoke all certs that aren't used. This is needed as the Jamf Pro server doesn't revoke certificates automatically from Symantec PKI so we need to do this as a recurring manual quarterly task.


Posted: by bpavlov

Got my vote!