ADCS - CN equals

@k3vmo We use user certificates instead of device certs, so I can't answer this from direct experience, but I don't see $HOSTNAME as a valid variable for a Jamf Pro Configuration Profile (in https://learn.jamf.com/bundle/jamf-pro-documentation-current/page/Computer_Configuration_Profiles.html#ID-00022bba). Since $HOSTNAME should be equivalent to $COMPUTERNAME.comain.com I would recommend going with CN=$COMPUTERNAME.domain.com

We use computer certificates but with the serial number as UPN. For other extensions I used $COMPUTERNAME as Hostname.

What @sdagley said. Use CN=$COMPUTERNAME.domain.com That should work.