Certificate Revocation Checking Configuration
This configuration allows the administrators to check an array of certificates revoked from a device. Administrators can specify a certificate authority (CA) that allows the configuration to enable revocation checking for all the certificates that are linked to the specified CA.
Applicable to: iOS 14.2+
- Go to Policies & Configurations > Configurations.
Click Add New > Apple > iOS / tvOS > Certificate Revocation.
The New Certificate Revocation Setting dialog box opens.
- Enter a Name and Description of the configuration.
- Click the Add+ button.
Select the Hash Algorithm (SHA 256 is the default) and enter the Hash of the root certificate.
In Hash, you have to enter a Base64 encoded (binary) SHA-256 hash of the certificate’s public key. See Apple documentation for the available trusted root certificates for Apple operating systems. You can add multiple root certificates in this configuration.
- Click Save.