Certificate Revocation MDM payload settings for Apple devices
You can configure Certificate Revocation settings for users of an iPhone, iPad or Apple Vision Pro enrolled in a mobile device management (MDM) solution. Use the Certificates Revocation payload to revoke certificates on the device.
The Certificate Revocation payload supports the following. For more information, see Payload information.
Supported payload identifier: com.apple.security.certificaterevocation
Supported operating systems and channels: iOS, iPadOS, visionOS 1.1.
Supported enrolment methods: Device Enrolment.
Duplicates allowed: True — more than one Certificate Revocation payload can be delivered to a device.
You can use the settings in the table below with the Certificate Revocation payload.
Setting | Description | Required | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Certificates | A list of certificates for revocation. Specifying a certificate authority (CA) enables revocation checking for all certificates chaining up to that CA. | Yes | |||||||||
Note: Each MDM vendor implements these settings differently. To learn how various Certificate Revocation settings are applied to your devices, consult your MDM vendor’s documentation.