Solutions
Device management
Remotely manage, and protect laptops and mobile devices.
Orchestration
Automate tasks across devices, from app installs to scripts.
Software management
Inventory, patch, and manage installed software.
Extend Fleet
Integrate your favorite tools with Fleet.
Customers
Stripe + Fleet
Stripe consolidates multiple tools with Fleet.
Foursquare + Fleet
Foursquare quickly migrates to Fleet for device management.
What people are saying
Stories from the Fleet community.
Pricing
More
Tables
Fleet uses osquery tables to query operating system, hardware, and software data. Each table provides specific data for analysis and filtering.
Apple
Linux
Windows
ChromeOS
curl_certificate
curl_certificate
Inspect TLS certificates by connecting to input hostnames.
| Column | Type | Description |
|---|---|---|
| authority_key_identifier | text | Authority Key Identifier |
| basic_constraint | text | Basic Constraints |
| common_name | text | Common name of company issued to |
| dump_certificate | integer | Set this value to '1' to dump certificate Not returned in SELECT * FROM curl_certificate. |
| extended_key_usage | text | Extended usage of key in certificate |
| has_expired | integer | 1 if the certificate has expired, 0 otherwise |
| hostname | text | Hostname to CURL (domain[:port], e.g. osquery.io) Required in WHERE clause |
| info_access | text | Authority Information Access |
| issuer_alternative_names | text | Issuer Alternative Name |
| issuer_common_name | text | Issuer common name |
| issuer_organization | text | Issuer organization |
| issuer_organization_unit | text | Issuer organization unit |
| key_usage | text | Usage of key in certificate |
| name_constraints | text | Name Constraints |
| organization | text | Organization issued to |
| organization_unit | text | Organization unit issued to |
| pem | text | Certificate PEM format |
| policies | text | Certificate Policies |
| policy_constraints | text | Policy Constraints |
| policy_mappings | text | Policy Mappings |
| serial_number | text | Certificate serial number |
| sha1_fingerprint | text | SHA1 fingerprint |
| sha256_fingerprint | text | SHA-256 fingerprint |
| signature | text | Signature |
| signature_algorithm | text | Signature Algorithm |
| subject_alternative_names | text | Subject Alternative Name |
| subject_info_access | text | Subject Information Access |
| subject_key_identifier | text | Subject Key Identifier |
| timeout | integer | Set this value to the timeout in seconds to complete the TLS handshake (default 4s, use 0 for no timeout) Not returned in SELECT * FROM curl_certificate. |
| valid_from | text | Period of validity start date |
| valid_to | text | Period of validity end date |
| version | integer | Version Number |
Example
Identify the certificates being served to osquery clients. This can allow you to detect machines that are behind a proxy or firewall attempting to decrypt TLS, maliciously or not.
SELECT issuer_organization, signature, sha256_fingerprint FROM curl_certificate WHERE hostname='google.com';Questions?
SOC2 Type 2
