Active Directory Certificate (com.apple.ADCertificate.managed)

The fully qualified host name of the CA.

The certificate template for your environment. The default user certificate value is \`User\`. The default computer certificate value is \`Machine\`.

A user-friendly description of the certification identity.

The number of days in advance of certificate expiration that the notification center notifies the user.

The name of the certificate authority (CA), which is determined from the common name (CN) of the Active Directory entry. Available in macOS 10.8 and later. Valid values: - CN=<your CA Name> - CN=`Certification Authorities` - CN=`Public Key Services` - CN=`Services` - CN=`Configuration` - CN=<your base Domain Name>

This value is most commonly `RPC`; if using web enrollment, use `HTTP`. Available in macOS 10.8 and later.

If `true`, gives apps access to the private key. Available in macOS 10.10 and later.

If `true`, the system prompts the user for credentials when is installs the profile. This key applies only to user certificates with the Manual Download profile delivery method. Omit this key for computer certificates. Available in macOS 10.8 and later.

If `true`, the system allows exporting the private key. Available in macOS 10.10 and later.

The RSA key size for the certificate signing request (CSR). Available in macOS 10.11 and later.

If `true`, the certificate obtained with this payload attempts auto-renewal. Auto-renewal can only be used with device Active Directory certificate payloads. Available in macOS 10.13.4 and later.