Certificate List
Get a list of installed certificates on a device.
URL
PUT https://yourmdmhost.example.com/mdm#CertificateListCommandResponse Codes
| Status | Reason | Type | Description |
|---|---|---|---|
| 200 | OK Content-Type: application/xml | CertificateListResponse | The response object the system returns for the Certificate List Command. |
Discussion
This command allows the server to retrieve the list of installed certificates on the device. The command requires that the server has the Inspect Profile Manifest privilege. For user enrollment, this request returns only certificates pushed by MDM.
This command doesn’t return certificates that Declarative Device Management installs. Instead, use the Declarative Device Management StatusSecurityCertificateList status item to monitor the Declarative Device Management certificates.
Starting with iOS 15.4, this command returns a Not Now response before the passcode-protected device’s first unlock after a device boots. Between iOS 15.0 and iOS 15.4, devices in that state didn’t respond with Not Now, but the response might not contain all identity certificates.
Refer to the following sections to determine supported channels and requirements, and to see an example request and response.
Command availability
Device channel | iOS, macOS, Shared iPad, tvOS, visionOS, watchOS |
User channel | macOS |
Requires supervision | NA |
Allowed in user enrollment | iOS, macOS, visionOS |
Required access right | AllowInspection |
Example request and response
HTTP Body
The request object the server returns for the Certificate List Command.