Open noahtalerman opened 10 months ago
Fleet sends an MDM command to send a public key to the host via the device channel
When the IT admin adds a profile that requires a certificate, Fleet gets a cert from the CA and sends it to the host via the device channel. Cert gets installed on device Keychain
First pass at the workflow for this^ in Fleet:
com.apple.security.root
payload with the public keycom.apple.security.pkcs1
payload with empty data
, and System
for the PayloadScope
Hey @Patagonia121, heads up, we didn't have the space to take this on in the current design sprint (4.48).
It's a relatively large level of effort.
Like #13418, let's move quickly and meet with @alexmitchelliii to discuss the plan for addressing this customer request.
Goal
User journey
com.apple.security.root
payload with the public keycom.apple.security.pkcs1
payload with emptydata
, andSystem
for thePayloadScope
Changes
com.apple.security.pkcs1
MDM payload to install the keyProduct
Engineering
Product quality
Context
QA
Risk assessment
Manual testing steps
Testing notes
Confirmation