Solutions
Device management
Remotely manage, and protect laptops and mobile devices.
Orchestration
Automate tasks across devices, from app installs to scripts.
Software management
Inventory, patch, and manage installed software.
Extend Fleet
Integrate your favorite tools with Fleet.
Customers
Stripe + Fleet
Stripe consolidates multiple tools with Fleet.
Foursquare + Fleet
Foursquare quickly migrates to Fleet for device management.
What people are saying
Stories from the Fleet community.
Pricing
More
Tables
Fleet uses osquery tables to query operating system, hardware, and software data. Each table provides specific data for analysis and filtering.
Apple
Linux
Windows
ChromeOS
certificates
certificates
Certificate authorities installed in Keychains/ca-bundles.
| Column | Type | Description |
|---|---|---|
| authority_key_id | text | AKID an optionally included SHA1 |
| ca | integer | 1 if CA: true (certificate is an authority) else 0 |
| common_name | text | Certificate CommonName |
| issuer | text | Certificate issuer distinguished name (deprecated, use issuer2) |
| issuer2 | text | Certificate issuer distinguished name Only available on Linux and macOS |
| key_algorithm | text | Key algorithm used |
| key_strength | text | Key size used for RSA/DSA, or curve name |
| key_usage | text | Certificate key usage and extended key usage |
| not_valid_after | text | Certificate expiration data |
| not_valid_before | text | Lower bound of valid date |
| path | text | Path to Keychain or PEM bundle |
| self_signed | integer | 1 if self-signed, else 0 |
| serial | text | Certificate serial number |
| sha1 | text | SHA1 hash of the raw certificate contents |
| sid | text | SID Only available on Windows |
| signing_algorithm | text | Signing algorithm used |
| store | text | Certificate system store Only available on Windows |
| store_id | text | Exists for service/user stores. Contains raw store id provided by WinAPI. Only available on Windows |
| store_location | text | Certificate system store location Only available on Windows |
| subject | text | Certificate distinguished name (deprecated, use subject2) |
| subject2 | text | Certificate distinguished name Only available on Linux and macOS |
| subject_key_id | text | SKID an optionally included SHA1 |
| username | text | Username Only available on Windows |
Example
Replace 1QAZ2WSX with your Apple Developer ID, if you have one. This query will then let you identify Macs that have a copy of your code signing and notarization certificates.
SELECT * FROM certificates WHERE common_"name" LIKE '%%1QAZ2SWX%%';Questions?
SOC2 Type 2
