PayloadContent PayloadCertificateFileName conditional_access_ca.der PayloadContent $DOGFOOD_OKTA_CA_CERTIFICATE PayloadDescription Fleet conditional access CA certificate PayloadDisplayName Fleet conditional access CA PayloadIdentifier com.fleetdm.conditional-access-ca PayloadType com.apple.security.root PayloadUUID c6d7357b-5b6b-5577-bd3f-e6c886bad550 PayloadVersion 1 PayloadContent URL https://dogfood.fleetdm.com/api/fleet/conditional_access/scep Challenge $DOGFOOD_GLOBAL_ENROLL_SECRET Keysize 2048 Key Type RSA Key Usage 5 ExtendedKeyUsage 1.3.6.1.5.5.7.3.2 Subject CN Fleet conditional access for Okta SubjectAltName uniformResourceIdentifier urn:device:apple:uuid:%HardwareUUID% Retries 3 RetryDelay 10 AllowAllAppsAccess KeyIsExtractable PayloadDescription Configures SCEP for Fleet conditional access for Okta certificate PayloadDisplayName Fleet conditional access SCEP PayloadIdentifier com.fleetdm.conditional-access-scep PayloadType com.apple.security.scep PayloadUUID 478f8ebd-ded5-5808-962d-36da7aa06afe PayloadVersion 1 Name https://okta.dogfood.fleetdm.com PayloadCertificateUUID 478f8ebd-ded5-5808-962d-36da7aa06afe PayloadDescription Identity preference for mTLS endpoints PayloadDisplayName Fleet mTLS identity preference PayloadIdentifier com.fleetdm.conditional-access-preference PayloadType com.apple.security.identitypreference PayloadUUID 686b683a-9052-5fe5-8dca-31b51b17bb2c PayloadVersion 1 PayloadType com.apple.ManagedClient.preferences PayloadVersion 1 PayloadIdentifier com.fleetdm.chrome.certs PayloadUUID 1c1ab10a-e7b5-5c76-937e-03001cc9bffb PayloadDisplayName Chrome mTLS auto-select PayloadContent com.google.Chrome Forced mcx_preference_settings AllowPolicyInIncognito AutoSelectCertificateForUrls {"pattern":"https://okta.dogfood.fleetdm.com","filter":{"SUBJECT":{"CN":"Fleet conditional access for Okta"}}} PayloadDescription Configures SCEP enrollment for Okta conditional access PayloadDisplayName Fleet conditional access for Okta PayloadIdentifier com.fleetdm.conditional-access-okta PayloadOrganization Fleet Device Management PayloadRemovalDisallowed PayloadScope User PayloadType Configuration PayloadUUID fa49f664-378e-5098-bc32-d8160215f873 PayloadVersion 1