Skip to main content
Jamf Nation, hosted by Jamf, is a knowledgeable community of Apple-focused admins and Jamf users. If you like what you see, join us in person at the ninth annual Jamf Nation User Conference (JNUC) this October for three days of learning, laughter and IT love.

API / uAPI - allow for gathering certificate serial numbers

While you can grab the certificate on computer via the API serial numbers for each certificate aren't included. This serial number is unique per certificate and can help identify the certificate on the system to the entry in your PKI. This means you can't create a specific, identifiable list of certificates that are in production vs. those are aren't valid.

Exposing this via the API would allow us to gather this list of used certificates from Jamf Pro then revoke all certs that aren't used. This is needed as the Jamf Pro server doesn't revoke certificates automatically from Symantec PKI so we need to do this as a recurring manual quarterly task.

Comment

Posted: by bpavlov

Got my vote!

Like