Disable Certificate Transparency enforcement for a list of URLs

Euwanh
New Contributor III

Hi,

I was just wondering if anyone has had any experience with this and would be able to guide me in the right direction to deploy this.  Any help would be appreciated. 

https://chromeenterprise.google/policies/#CertificateTransparencyEnforcementDisabledForUrls

3 REPLIES 3

Euwanh
New Contributor III

would it be a plist file I create under custom settings that look like this

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key> 
CertificateTransparencyEnforcementDisabledForUrls
</key>
<false/>

 

<array>
<string>example.com</string>
<string>.example.com</string>
</array>
</dict>
</plist>

talkingmoose
Moderator
Moderator

Consider using a Jamf manifest to make this easier.

There’s one available here:
https://github.com/Jamf-Custom-Profile-Schemas/ProfileManifestsMirror/blob/main/manifests/ManagedPre...

You can find instructions for using it here:
https://github.com/Jamf-Custom-Profile-Schemas/jamf-manifests/wiki

I suggest adding it to your new configuration profile and then immediately remove all the automatically enabled properties. Then add back only what you need.

Euwanh
New Contributor III

Thank you.