Tables
Tables{{numberOfTablesDisplayed}}
certificates
Certificate authorities installed in Keychains/ca-bundles.
| Column | Type | Description |
|---|---|---|
| authority_key_id | text | AKID an optionally included SHA1 |
| ca | integer | 1 if CA: true (certificate is an authority) else 0 |
| common_name | text | Certificate CommonName |
| issuer | text | Certificate issuer distinguished name (deprecated, use issuer2) |
| issuer2 | text | Certificate issuer distinguished name Only available on Linux and macOS |
| key_algorithm | text | Key algorithm used |
| key_strength | text | Key size used for RSA/DSA, or curve name |
| key_usage | text | Certificate key usage and extended key usage |
| not_valid_after | text | Certificate expiration data |
| not_valid_before | text | Lower bound of valid date |
| path | text | Path to Keychain or PEM bundle |
| self_signed | integer | 1 if self-signed, else 0 |
| serial | text | Certificate serial number |
| sha1 | text | SHA1 hash of the raw certificate contents |
| sid | text | SID Only available on Windows |
| signing_algorithm | text | Signing algorithm used |
| store | text | Certificate system store Only available on Windows |
| store_id | text | Exists for service/user stores. Contains raw store id provided by WinAPI. Only available on Windows |
| store_location | text | Certificate system store location Only available on Windows |
| subject | text | Certificate distinguished name (deprecated, use subject2) |
| subject2 | text | Certificate distinguished name Only available on Linux and macOS |
| subject_key_id | text | SKID an optionally included SHA1 |
| username | text | Username Only available on Windows |
Example
Replace 1QAZ2WSX with your Apple Developer ID, if you have one. This query will then let you identify Macs that have a copy of your code signing and notarization certificates.
SELECT * FROM certificates WHERE common_"name" LIKE '%%1QAZ2SWX%%';
Edit page
Need more help?
Ask the community on Slack
SOC2 Type 2
© 2024 Fleet Inc.
Privacy
