Certificate Authorities installed in Keychains/ca-bundles.

Platform support

Please be aware that some queries can only be run against certain platforms. Below is a list of the supported platforms that this query supports. Zercurity will automatically pause queries from running if errors are detected. Running a query against an unsupported platform will result in the following error: no such table: certificates

  • Mac OSX
  • Windows

Table schema

Name Type Description
common_name TEXT Certificate CommonName
subject TEXT Certificate distinguished name
issuer TEXT Certificate issuer distinguished name
ca INTEGER 1 if CA: true (certificate is an authority) else 0
self_signed INTEGER 1 if self-signed, else 0
not_valid_before DATETIME Lower bound of valid date
not_valid_after DATETIME Certificate expiration data
signing_algorithm TEXT Signing algorithm used
key_algorithm TEXT Key algorithm used
key_strength TEXT Key size used for RSA/DSA, or curve name
key_usage TEXT Certificate key usage and extended key usage
subject_key_id TEXT SKID an optionally included SHA1
authority_key_id TEXT AKID an optionally included SHA1
sha1 TEXT SHA1 hash of the raw certificate contents
path TEXT Path to Keychain or PEM bundle
serial TEXT Certificate serial number

Query examples

Select all the results for the given table.

SELECT * FROM certificates;