fleet icon indicating copy to clipboard operation
fleet copied to clipboard
verified publisher icon fleetdm

Deploy certificates to macOS hosts using EJBCA's (certificate authority) API

Open noahtalerman opened this issue 5 months ago • 4 comments

Goal

User story
As an IT admin using EJBCA as my certificate authority (CA),
I want to deploy certificates to macOS hosts
so that I can connect my end users to the corporate Wi-Fi and/or VPN.

Key result

Original requests

  • #29176

Resources

None

Changes

Product

  • [ ] UI changes: TODO
  • [ ] CLI (fleetctl) usage changes: TODO
  • [ ] YAML changes: TODO
  • [ ] REST API changes: TODO
  • [ ] Fleet's agent (fleetd) changes: TODO
  • [ ] GitOps Mode UI changes: TODO
  • [ ] GitOps generation changes: TODO
  • [ ] Activity changes: TODO
  • [ ] Permissions changes: TODO
  • [ ] Changes to paid features or tiers: TODO
  • [ ] My device and fleetdm.com/better changes: TODO
  • [ ] Other reference documentation changes: TODO
  • [ ] First draft of test plan added
  • [ ] Once shipped, requester has been notified
  • [ ] Once shipped, dogfooding issue has been filed

Engineering

  • [ ] Test plan is finalized
  • [ ] Contributor API changes: TODO
  • [ ] Feature guide changes: TODO
  • [ ] Database schema migrations: TODO
  • [ ] Load testing: TODO

ℹ️  Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".

QA

Risk assessment

  • Requires load testing: TODO
  • Risk level: Low / High TODO
  • Risk description: TODO

Test plan

Make sure to go through the list and consider all events that might be related to this story, so we catch edge cases earlier.

  1. TODO
  2. TODO
  3. TODO

Testing notes

Confirmation

  1. [ ] Engineer: Added comment to user story confirming successful completion of test plan.
  2. [ ] QA: Added comment to user story confirming successful completion of test plan.

noahtalerman avatar Jul 17 '25 12:07 noahtalerman

This will be the #1 priority of the sprint for 4.81.0 so we can get an early test of it. @georgekarrv @noahtalerman

alexmitchelliii avatar Nov 04 '25 23:11 alexmitchelliii

Added a p2 based on Alex's comment above. Does that work for you @lukeheath ?

zayhanlon avatar Nov 04 '25 23:11 zayhanlon

@zayhanlon Since this still needs to be drafted I'm going to defer to @noahtalerman on priority label (i.e. how he's going to keep track of this being needed in 4.81.0).

lukeheath avatar Nov 05 '25 22:11 lukeheath

@lukeheath @zayhanlon @alexmitchelliii @georgekarrv P2 works for me 👍

noahtalerman avatar Nov 05 '25 23:11 noahtalerman